Cybersecurity Flaws Plagued EU Border Control System, Audit Shows
Automated passport control machines for arriving passengers at the Humberto Delgado Airport in Lisbon, Portugal.
Photographer: Horacio Villalobos/Getty Images
An information-sharing system used by EU border forces to flag illegal immigrants and suspected criminals in real time was rife with software and security vulnerabilities, according to emails and confidential audit reports obtained by Bloomberg News and investigative newsroom Lighthouse Reports.
The Schengen Information System II had thousands of cybersecurity issues that the European Data Protection Supervisor, an EU auditor, deemed to be of “high” severity in a 2024 report. It also found that an “excessive number” of accounts had administrator-level access to the database, creating “an avoidable weakness that could be exploited by internal attackers.”