CBP facility codes seem to have leaked via online flashcards

CBP facility codes sure seem to have leaked via online flashcards. Quizlet flashcards seem to include sensitive information about gate security at CBP locations. A user on Quizlet, an online learning platform, created a public flashcard set in February that appears to have exposed highly confidential information about security procedures in US Customs and Border Protection facilities around Kingsville, Texas. The Quizlet set was titled “USBP Review” and was available to the public until March 20, when it was made private less than half an hour after WIRED messaged a phone number potentially linked to the Quizlet user. An individual with the user’s name was listed at an address of an apartment less than a mile from a Kingsville CBP facility, but WIRED was not able to verify that the flashcard set was created by an active CBP agent or contractor. CBP said the incident is being reviewed by its Office of Professional Responsibility and added that a review should not be taken as an indication of wrongdoing. The Department of Homeland Security and Immigration and Customs Enforcement did not respond to WIRED’s request for comment. If the Quizlet set was created by an individual associated with CBP, it represents a serious breach in security for an agency created to safeguard the American homeland.

The public Quizlet set contained information about alleged codes for specific facility entrances. One card asked “Checkpoint doors code?” and listed a specific four-digit combination as the answer. Another card asked for the code of a specific gate at the facility and again provided an exact combination as the answer. Two other gate codes were described in the same question-and-answer style, though WIRED withheld the gate names because it was unclear whether they are confidential. Another series of cards described certain immigration offenses and related federal charges, including misuse of a passport, fraud or misuse of a visa, and fleeing from a checkpoint, and the cards linked those charges to forms and procedures. The set also referenced voluntary return to countries outside the US, expedited removal, and warrant of removal, noting forms that needed to be filled out and reminding users about a checklist on something called an “agents Resources Page” to ensure the accuracy of those entries. In addition to procedural material, other cards offered detailed information about the Kingsville workforce’s 1,932-square-mile area of responsibility, including the six county lines and the agency’s internal grid and zone organizational system, and one card noted that a specific grid “does not exist” because of the structure of local highways. Another card named the 11 CBP “towers” in the area and noted abbreviated names of two towers and the shared area of responsibility of a third tower. The last card WIRED reviewed detailed an apparent internal system called “E3 BEST,” which appeared to allow officers to record, investigate and adjudicate secondary referrals at USBP checkpoints by querying subjects and vehicles through multiple law enforcement databases and creating e3 Events for referrals resulting in an arrest. Quizlet said it takes reports of sensitive or inappropriate content seriously and acts promptly when content violates its policies, and the company encouraged people who encounter concerning material to report it directly from the flashcard set, class, or profile page or to contact Quizlet for review and action. This potential exposure of confidential information comes amid a rapid hiring surge at CBP with substantial recruitment and retention incentives available to new agents, and ICE is also seeking rapid recruits with large signing bonuses and student loan repayment offers. This story originally appeared at WIRED.com.