Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online

Perceptics confirms intrusion and theft, stays quiet on details

Exclusive The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download.

Tennessee-based Perceptics prides itself as "the sole provider of stationary LPRs [license plate readers] installed at all land border crossing lanes for POV [privately owned vehicle] traffic in the United States, Canada, and for the most critical lanes in Mexico."

In fact, Perceptics recently announced, in a pact with Unisys Federal Systems, it had landed "a key contract by US Customs and Border Protection to replace existing LPR technology, and to install Perceptics next generation License Plate Readers (LPRs) at 43 US Border Patrol check point lanes in Texas, New Mexico, Arizona, and California."

On Thursday this week, however, an individual using the pseudonym "Boris Bullet-Dodger" contacted The Register, alerting us to the hack, and provided a list of files exfiltrated from Perceptics' corporate network as proof. We're assuming this is the same "Boris" involved in the CityComp hack last month. Boris declined to answer our questions.

Screenshot of Perceptics files

Archives of files stolen from Perceptics touted on the dark web this week ... Click to enlarge

The file names and accompanying directories – numbering almost 65,000 – fit with the focus of the surveillance technology biz. They include .xlsx files named for locations and zip codes, .jpg files with names that refer to "driver" and "scene," .docx files associated with presumed government clients like ICE, and date-and-time stamped .jpgs and .mp4 files.

And there many other types of files: .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, and .tif among others. Many of the image files, we're guessing, are license plate captures.

The files also include .mp3 files, presumably from someone's desktop or laptop PC. Among the songs: Superstition, by Stevie Wonder, and Wannabe by Spice Girls, and a variety of AC/DC and Cat Stevens songs.

A Ransom Note

Extortionist hacks IT provider used by the stars of tech and big biz, leaks customer info after ransom goes unpaid


The stolen files amount to hundreds of gigabytes and include Microsoft Exchange and Access databases, ERP databases, HR records, Microsoft SQL Server data stores, and so on. This information, which includes business plans, blueprints, data sheets, internal designs, financial figures, and personal information, is presently available in multiple .rar files on the dark web.

The nature of the company's business – border security data acquisition, commercial vehicle inspection, electronic toll collection and roadway monitoring – means that it's likely to have a significant amount of sensitive information.

A spokesperson for Perceptics, reached by phone, confirmed that the company was aware that its network had been compromised. She said the biz is working with authorities to investigate, but declined to go into further detail.

With the CityComp hack, stolen files were released because a ransom was not paid; we have yet to determine whether a ransom was sought for the Perceptics files.

At the time of writing, the company's website redirected to As we were about to publish this piece, however, we noticed the site was once again functioning properly. It's likely to take longer still for the business to recover from this cyber-break-in. ®

Keep Reading

Tech Resources

Webcast Slide Deck | How backup modernization changes the ransomware game

If the thrill of backing up your data and wondering if you will ever see it again has worn off, start the new year by getting rid of the lingering pain of legacy backup. Bipul Sinha, CEO of the Cloud Data Management Company, Rubrik, and Miguel Zatarain, Director of Global Infrastructure Technology at PACCAR, Fortune 500 manufacturer of trucks and Rubrik customer, are talking to the Reg’s Tim Phillips about how to eliminate the costly, slow and spotty performance of legacy backup, and how to modernize your implementation in 2021 to make your business more resilient.

What WAF is right for you

Applications are architected in many ways, but all need protection from threats. Learn the most important things to consider when choosing a WAF.

Three reasons you need a hybrid multicloud

Businesses need their IT teams to operate applications and data in a hybrid environment spanning on-premises private and public clouds. But this poses many challenges, such as managing complex networking, re-architecting applications for the cloud, and managing multiple infrastructure silos. There is a pressing need for a single platform that addresses these challenges - a hybrid multicloud built for the digital innovation era. Just this Regcast to find out: Why hybrid multicloud is the ideal path to accelerate cloud migration.

Top 20 Private Cloud Questions Answered

Download this asset for straight answers to your top private cloud questions.

Biting the hand that feeds IT © 1998–2021