The Consular Consolidated Database (CCD), which contains over 290 million passport-related records, 184 million visa records, and 25 million records on US citizens living abroad, has been found to be vulnerable to cyber attack and possibly data tampering.
The discovery was the result of an internal review of the US State Department’s cyber defenses performed several months ago and, according to a Department’s official, “visa-related gaps” have already been fixed.
But according to ABC government sources, not all of the vulnerabilities have been mitigated and/or eliminated.
“Vulnerabilities have not all been fixed,” the source said, and added that “there is no defined timeline for closing [them] out,” despite the US State Department “working continuously” on detecting and closing possible vulnerabilities, as noted by its spokesman John Kirby.
The CCD holds two decades’ worth of personal information on practically anyone who has applied for a US passport or visa, including their photographs and fingerprints. The ability to access it, and change the information in it, would be a boon to terrorist groups and foreign intelligence agencies that seek ways to quietly plant spies within the country, APB noted.
The US State Department and other government sources say that there is no evidence that the database has been breached.
The Department also said that the vulnerabilities that were found would have been difficult to exploit, as the attackers would have had to also acquire “the right level of permissions” within the system in order to access the database’s content or to modify it.
In regards to the danger of having potential terrorists or spies allowed into the country by manipulating database records, the Department says that there are additional safety procedures that should spot these attempts (additional background checks, in-person interviews, etc.)
According to the sources, the vulnerabilities in the CCD are the result of legacy computer systems, which are set to be overhauled along with the infrastructure they lay upon in the coming years.