License Plate Recognition Tech Provider Gets Breached, Attackers Release Sensitive Files

• The stolen files included Microsoft Exchange and Access databases, ERP databases, HR records, Microsoft SQL Server data stores, and more.
• The information included in these databases include sensitive information related to border security data acquisition, commercial vehicle inspection, electronic toll collection, and roadway monitoring.

Attackers broke into Perceptics’ network and stole its internal files. The stolen files that contain sensitive data are made available on the dark web for free.

What happened?

Perceptics is a company that provides license plate readers, license plate recognition systems, and vehicle identification products.

On May 23, 2019, a hacker who goes under the name ‘Boris Bullet-Dodger’ contacted The Register, alerting them about Perceptics hack, and provided a list of files stolen from Perceptics' network as proof.

The list of stolen files

• The list of files totaled 65,000 with the focus of the surveillance technology biz.
• The files included .xlsx files that contained locations and zip codes.
• It included few .jpg files that had names referring to ‘driver’ and ‘scene’. Some of the .jpg files included license plate images.
• It also included .docx files that were associated with government clients like ICE.
• The other types of files include .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, .mp3, .mp4, and .tif among others.

What data was involved?

• The stolen files included Microsoft Exchange and Access databases, ERP databases, HR records, Microsoft SQL Server data stores, and more.
• The information included in these databases includes business plans, financial figures, and personal information.
• It also included sensitive information related to border security data acquisition, commercial vehicle inspection, electronic toll collection, and roadway monitoring.

A spokesperson for Perceptics confirmed that the company was aware that its network had been hacked and noted that the company is conducting an investigation on the incident.