Confidential security protocols for US Customs and Border Protection (CBP) facilities in Kingsville, Texas, were publicly exposed through a flashcard set on Quizlet, an online learning platform. The set, titled “USBP Review,” contained apparent access codes for specific facility entrances, detailed immigration offense procedures, and internal agency organizational information. Though the set was made private after being flagged by WIRED, its prior availability raises serious questions about data security within CBP and related agencies.
The Breach and Its Details
The leaked flashcards included explicit four-digit combinations allegedly used to open checkpoint doors and access restricted gates. Other cards detailed specific federal charges for immigration violations, along with instructions on completing related forms. The set also described the agency’s operational area – a 1,932-square-mile zone across six counties – and identified eleven CBP “towers” in the region, some of which correspond to the gates for which access codes were provided.
The flashcards further revealed details of an internal system called “E3 BEST,” used to investigate and adjudicate secondary referrals at USBP checkpoints by querying subjects and vehicles through multiple law enforcement databases.
Wider Exposure of Training Materials
The incident is not isolated. WIRED found other Quizlet sets apparently created by recruits from Immigration and Customs Enforcement (ICE) and the Department of Homeland Security (DHS). One ICE set, titled “ICE Detention Standards and Procedures for Deportation Officers,” contained basic operational instructions, while another DHS set, “DHS Insider Threat Training Test Out,” appeared to include an answer key for internal training materials.
Another user uploaded over sixty flashcard sets related to US immigration law and Spanish vocabulary. Some of these contained radio codes, border patrol alphabets, and even direct translations of words like “weapon” and “federal agent.” The final sets included phrases from DHS recruitment videos, such as “the nation,” “the security,” and “the homeland.”
Context and Implications
This leak comes amid a rapid hiring surge at CBP and ICE, where recruitment and retention incentives of up to $60,000 are being offered to new agents. The use of flashcards as a training tool, while not inherently problematic, highlights the risk of sensitive information being digitized and potentially exposed. It also suggests a possible lack of robust security measures for internal training materials.
The fact that this breach was discovered by a journalist, rather than internal security protocols, underscores a critical vulnerability in operational oversight. The potential for malicious actors to exploit this type of publicly available data is significant, and the incident raises questions about the vetting process for new recruits and the handling of confidential agency information.
Ultimately, the leak serves as a stark reminder that even seemingly innocuous platforms can become conduits for security breaches. The incident demands a thorough review of CBP’s internal protocols to prevent future exposure of sensitive data.
