Reporting a Cybersecurity Event to CBP
If a member of the trade community is victim of a cybersecurity attack that impacts the company’s ability to transmit transactions to Customs and Broker Protection (CBP), the agency has identified the following information for reporting such an event and follow up steps.
Who to contact at CBP?
All security incidents that have any effect on the security posture of CBP must be reported to the CBP Office of Information Technology (OIT) Security Operations Center (CBP SOC) at (703) 921-6507.
During business hours (6:30 a.m.-7:30 p.m. ET): Contact CBP OIT SOC at (703) 921-6507 and if applicable, contact the party’s Client Representative. If the Client Representative is unknown, contact firstname.lastname@example.org.
After business hours (after 7:30 p.m. ET): Contact CBP OIT SOC and the CBP Technology Service Desk at ACE.SUPPORT@cbp.dhs.gov (with the Client Representative email address on copy, as appropriate).
When to contact CBP?
CBP should be contacted immediately once a cybersecurity attack is discovered.