Hacker breached Perceptics, a US maker of license plate readers

Perceptics, a maker of vehicle license plate scanning solutions used in the US, has been hacked, attackers stole data and offered for free on the dark web.

Perceptics is a leader in license plate readers (LPRs), license plate recognition systems and vehicle identification products. The company was hacked and attackers stole data and offered business plans, financial documents, and personal information for free on the dark web.

LPRs manufactured by Perceptics are installed at all land border crossing lanes for privately owned vehicle traffic (POV) in the United States, Canada, and for the most critical lanes in Mexico.

Last week, a hacker that goes online with the moniker ‘Boris Bullet-Dodger’ reported the hack to The Register and showing it a list of files as proof of the attack.

The hacker stole hundreds of gigabytes of files along with Microsoft Exchange and Access databases, ERP databases, HR records, and Microsoft SQL Server data stores.

The name ‘Boris’ is not new for the cyber security industry, it is the name of the hacker who breached the IT provider CityComp at the end of April.

Stolen data include some databases and company documents.

“The file names and accompanying directories – numbering almost 65,000 – fit with the focus of the surveillance technology biz.” reads the post published by El Reg. “They include .xlsx files named for locations and zip codes, .jpg files with names that refer to “driver” and “scene,” .docx files associated with presumed government clients like ICE, and date-and-time stamped .jpgs and .mp4 files.”

Perceptics confirmed the incident and reported it to the authorities, the company did not provide technical details about the hack.

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Perceptics, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Next First American Financial exposed 16 years’ worth of personal and financial documents »

Previous « Sectigo says that most of certificates reported by Chronicle analysis were already revoked

Published by

Pierluigi Paganini

Tags: data breachHackinginformation security newsPercepticsPierluigi PaganiniSecurity NewsSecurityAffairs

6 years ago

Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer

Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer…

21 seconds ago

Mobile

Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

Security researchers at Citizen Lab revealed that Paragon's Graphite spyware can hack fully updated iPhones…

11 hours ago

Security

SinoTrack GPS device flaws allow remote vehicle control and location tracking

Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by…

19 hours ago

Security

U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known…

22 hours ago

Internet of Things

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and…

24 hours ago

Cyber Crime

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…

1 day ago