This is the online edition of The Wiretap newsletter, your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
CBP is carrying out a record number of phone searches but it doesn’t reveal how often it orders tech companies to provide data. (Photo by Kevin Carter/Getty Images)
Getty Images
Border patrol agencies spend millions on phone forensics tools made by companies like Cellebrite, a $4.2 billion market cap police tech provider, to search people’s devices when they suspect someone of a smuggling or immigration-related crime. But a search warrant shows that the tech sometimes fails and, when it does, agents will demand tech companies like Apple provide additional data.
According to the warrant, two women presented lawful permanent resident cards when crossing the San Ysidro, California port of entry in April. Another man in the car with them presented a passport, but agents quickly determined the ID photo didn’t match. After further checks and interviews, Customs Border Protection (CBP) determined he did not have the correct documentation to enter the country. Suspecting the man was being illegally smuggled into America, all three were taken into custody.
Agents tried searching three of the women’s iPhones with Cellebrite’s phone forensic devices, but “complete mobile device data acquisition of the iPhones were unsuccessful,” per the warrant. But they did discover the two women’s iCloud account details. CBP officers quickly filed a search warrant application to Apple. iCloud accounts can contain backed-up iMessages, WhatsApp communications and location history.
It’s unclear what data Apple provided. The company did not respond to a request for comment at the time of publication. Though it publishes transparency reports, it’s yet to provide any data on the number of government requests it has received this year.
Both women were charged with bringing in aliens for financial gain. They have pleaded not guilty.
As President Trump has cracked down on illegal immigration, digital border searches have skyrocketed. According to an October analysis of DHS data by Wired, CBP carried out more electronic device searches than ever in 2025, jumping 17% year-over-year. This warrant reveals more detail about that playbook: even if forensics devices fail, cloud data remains accessible via warrant or other court order.
As Forbes previously reported, over the last year, CBP and ICE have been making record purchases of tools like Cellebrite and rivals such as Grayshift, which can either break into locked phones or grab data from devices for which they’ve already gained access. In September, ICE spent a record $11.1 million on a single order of Cellebrite devices. In the same month, CBP signed off on a $2 million contract with the company and another $415,000 on Grayshift licenses.
The CBP does not release figures on the number of iCloud or other cloud-based searches it orders. It hadn’t provided comment at the time of publication.
Travellers can review guidance published by the ACLU earlier this year about rights at the border and the best ways to keep digital data private.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
THE BIG STORY:120,000 Connected Cameras Hacked In South Korea ‘Sexploitation’
Home internet-connected cameras have often been found vulnerable to simple cyberattacks.
getty
Four people have been arrested in South Korea for allegedly hacking into as many as 120,000 cameras to film sexual material, which they later sold online. One of the suspects is accused of hacking 63,000 cameras, making as much as $12,000 from the stolen footage.
The hackers were able to take advantage of poor security on home cameras, many of which were using weak passwords, according to the BBC.
Stories You Have To Read Today
Flock Safety has been training its car surveillance AI by doing what many other AI companies do: using overseas gig workers to label data collected by its cameras, according to 404 Media.
Europol announced law enforcement had seized $29 million in bitcoin while shutting down cryptocurrency mixing service Cryptomixer, which helped criminals hide illegally-obtained crypto by facilitating money laundering.
Independent reporter Brian Krebs claims to have identified a key member of Scattered Lapsus$ Hunters, a hacker crew that recently claimed to have stolen Salesforce data belonging to hundreds of companies. The individuals claimed they were already cooperating with law enforcement and were trying to leave the group.
Winner of the Week
Court Watch, which uncovers news stories from court documents and collaborates with reporters on them, is turning four. Just recently, Forbes wrote a story about an American accused of illegally shipping Nvidia chips to China after Court Watch flagged it. You can support its work by subscribing.
Loser of the Week
OpenAI confirmed its data analytics provider MixPanel was hacked, exposing some users’ personal information, including name and email address. The AI giant said it had stopped using MixPanel’s services.
More On ForbesForbesThis 28-Year-Old AI Founder Thinks His Customer Service Startup Can Beat Out Companies 10x His SizeBy Rashi ShrivastavaForbesBy The Numbers: Meet The Forbes Under 30 Class Of 2026By Alexandra YorkForbesHow A Tiny Polish Startup Became The Multi-Billion-Dollar Voice Of AIBy Iain Martin