June 10 (UPI) -- U.S. Customs and Border Protection said the photos of travelers and license plates were compromised in a cyberattack, the agency announced Monday.
CBP said the data was stolen when a subcontractor transferred the images to the subcontractor's company network. "A malicious cyberattack" then compromised the company's network, exposing the data.
The official said the transfer of the data to the subcontractor's company network was "in violation of CBP policies and without CBP's authorization or knowledge."
CBP said it first learned of the data breach in May. It was unclear how many photos were stolen or whether the data concerned U.S. citizens.
The agency keeps a database of photographs of people as they travel into and out of the United States.
"As of today, none of the image data has been identified on the Dark Web or Internet," CBP said. "CBP has alerted members of Congress and is working closely with other law enforcement agencies and cybersecurity entities, and its own Office of Professional Responsibility to actively investigate the incident."