March 5, 2018
Border Patrol Unable to Validate E-Passport Data – United States
U.S. Customs and Border Protection officials have been unable to cryptographically verify passports of visitors coming into the US for more than a decade because they lacked the proper software, according to a letter sent to CBP acting commissioner Kevin K. McAleenan by Sens. Ron Wyden (D-OR) and Claire McCaskill (D-MO). E-passports store a cryptographic signature to prevent forgeries and tampering, but CBP has not deployed the software needed to verify the information, causing a security lapse. "DHS does not have the capability to fully verify the digital signatures because it ... has not implemented the system functionality necessary to perform the verification,” GAO reported. "The additional security against forgery and counterfeiting that could be provided by the inclusion of computer chips on e-passports issued by the United States and foreign countries ... is not fully realized." The senators have asked CBP to work with the government’s General Services Administration to create a budget for implementing the software needed to use the e-passport verification functionality and present a plan by January 1, 2019.
Data Breach at Marine Forces Reserve Impacts Thousands – United States
The personal information of thousands of Marines, sailors and civilians, including bank account numbers, was compromised in a major data spillage emanating from U.S. Marine Corps Forces Reserve. Roughly 21,426 people were impacted when an unencrypted email with an attachment containing personal confidential information was sent to the wrong email distribution list Monday morning. The compromised attachment included highly sensitive data such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing address, residential address and emergency contact information, Maj. Andrew Aranda, spokesman for Marine Forces Reserve said in a command release. That email was a roster sent out by the Defense Travel System, or DTS, Marine Corps Times has learned. DTS is a Defense Department system that assists military and civilian defense personnel with travel itineraries and settling expenses from official authorized trips.
Magic Leap Takes Legal Action against Employee Who Alleges Hololens Trade Secret Violations – United States
Accused of violating whistleblower and age discrimination laws by its security director, Magic Leap has taken an internal situation to the US District Court to clear its name of the allegations. Among the employee's accusations is that Magic Leap management acted against his recommendations to confiscate a shipment of Microsoft HoloLens received by the company in 2016. According to court documents, the suit, originally reported by The Verge, was filed against Todd Keil, who is apparently is still employed at Magic Leap, in the Eastern District of Texas, since Keil resides in McKinney, Texas, a suburb of Fort Worth. Keil was hired in 2015 as senior director of global security; he left a post at the Department of Homeland Security in 2012. Magic Leap alleges that Keil, suspecting that he was on the verge of being fired, accused his employer of retaliatory actions for his opposition to the company's alleged violations of the Defend Trade Secrets Act (DTSA), US Export Regulations Act (EAR), and International Traffic in Arms Regulations (ITAR). According to Magic Leap, Keil also accused his employer of illegal electronic monitoring and filed an age discrimination complaint with the Equal Employment Opportunity Commission (EEOC). Magic Leap denies all of these allegations at length in its legal filing.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!