A recent incident has raised concerns about the security of sensitive information related to US Customs and Border Protection (CBP). An online learning platform accidentally exposed details about security procedures at CBP facilities in Kingsville, Texas. The details appeared in a publicly accessible flashcard set that was created on Quizlet, a popular study tool used by students and professionals alike.

Leak Details and Timeline

The flashcard set, titled “USBP Review,” was made available to anyone with internet access in February. It contained what appeared to be highly confidential codes and information related to CBP facilities in Kingsville. The set remained public until March 20, when it was suddenly made private. This change occurred less than thirty minutes after WIRED reached out with questions about the set.

While the specific creator of the flashcards is not confirmed to be an active CBP employee, there was a person listed with the same name at an apartment less than a mile from the Kingsville facility. WIRED attempted to verify whether the creator was connected to CBP or working as a contractor but was unable to confirm this. The incident has prompted an official review by CBP’s Office of Professional Responsibility.

Official Response and Ongoing Investigation

A CBP spokesperson issued a statement acknowledging the incident. They said the agency is reviewing the situation but declined to comment on whether any wrongdoing has taken place. The spokesperson emphasized that the review process is ongoing and that no conclusions have been drawn yet.

This leak highlights the risks associated with sharing sensitive information online, even unintentionally. The fact that security codes and procedural details could be accessible through a simple flashcard set illustrates how vulnerable some information might be. It also raises questions about how CBP manages its internal security and the measures in place to prevent such leaks.

While it’s unclear how much information was exposed or whether it could be exploited, the incident serves as a reminder of the importance of strict cybersecurity practices. Agencies like CBP need to ensure that sensitive operational details are well protected and only accessible to authorized personnel. Publicly available online resources, even those intended for learning, should be carefully monitored to prevent accidental disclosures.

Inspired by

• https://arstechnica.com/security/2026/04/cbp-facility-codes-sure-seem-to-have-leaked-via-online-flashcards/

Sources

• wired.com
• wired.com
• wired.com
• gao.gov
• cbp.gov