The damages inflicted by the data breach at the Office of Personnel Management have yet to subside, but a fresh similar incident transpired right at the heart of the federal government’s security portal – the Department of Homeland Security.
According to various reports, hackers were able to gain unauthorized access to the vast trove of personal information that belongs to the employees of Homeland Security. There have been nearly 10,000 details including names, addresses, phone numbers and email addresses leaked and pasted online on a text-sharing site called Cryptobin.
As though that was not enough, hackers claim to be in possession of personal data of some 20,000 employees at the Federal Bureau of Investigations and another database of information pertaining to Department of Justice’s personnel, indicating the attack is more pervasive than we think. The group of hackers warned that it will release these pieces of information in due time.
Security experts who looked into what the hackers claim as personal information of Homeland Security employees can confirm that the data indeed belong to them. More specifically, the leaked data belong to employees who work within the department’s communications group, security team, and intelligence community, among others.
Prior to the leak of these details, an individual who claimed to be a former member of the same hacking group that attacked the Sony PlayStation and Xbox Live in December 2014 warned that he would launch an attack against Homeland Security.
According to the attacker, he was able to gain access to DHS network through a spear phishing technique in which malicious emails are spread to initiate the attack. What he did was penetrate the databases of the FBI and Homeland Security, obtain the database through an intranet containing 1 terabyte of data.
These bits of information also include credit card numbers and military emails, a more serious implication of security breach that can compromise national security. It indicates how easy it would be for any attacker to gain access to these departments which play a crucial role in the nation’s effort to maintain security.
The group behind the breach says it does what it did to Homeland Security in the name of Palestine, West Bank and Gaza, where innocent lives have been unnecessarily snuffled in the midst of war between the United States and its enemies.
The Department of Justice and Homeland Security said an investigation is underway to determine the severity of the breach and whether sensitive information were released publicly. The departments, however, suggest no sensitive information have been leaked so far.