Contact information for 9,000 Department of Homeland Security (DHS) employees was released online Sunday evening after hackers compromised the email account of a Justice Department official through social engineering. Numerous calls matched with their respective individuals in the database. After failing to log in to the a staff portal, the hacker called the correct department, offered a story about being a new employee and was given a code that granted them access. According to Motherboard, the hacker claims to have had access to 1TB of data, but only took 200GB. But government sources familiar with the hack said the compromised information paled by comparison to the recent data theft from the Office of Personnel Management (OPM). The post lists names, job titles, work email addresses, phone numbers and the state in which the DHS employee works.
Advertisement
A week-old Twitter account, @DotGovs, claims to be the hacker and says the breach is intended as an anti-Israel protest. The hacker sent the stolen data trove to Motherboard which verified it and found numerous telephone numbers checked out.
The hacker also claimed that the Justice Department only became aware of the breach in the last 24 hours, although the hack was executed a week ago. In reference to the DHS employee directory, it contains all manner of directors, managers, specialists, analysts, intelligence staff members, and more.
Another group of hackers, known as Crackas with Attitude, have recently broken into the personal email accounts of several high-ranking law enforcement and intelligence officials to demonstrate support for Palestine. Though the DHS breach appears far less severe, it is nevertheless particularly embarrassing given that the department has been designated the point of entry for all corporate data shared with government agencies in the controversial information sharing program between industry and government created by the Cybersecurity Information Sharing Act a year ago. On the profile, which has stated publicly that it has multiple admins, the hackers threatened to expose a separate set of up to 20,000 credentials from the Federal Bureau of Investigation – however this data has not yet been published. Motherboard provided a copy of the apparent DHS data to the National Infrastructure Coordinating Center (NICC), which is part of the DHS, but it declined to comment on the issue.
Advertisement
Motherboard was able to confirm that the data was accurate by randomly calling some of the numbers the hacker provided. A message appears at the beginning of the database that reads, “This is for Palestine, Ramallah, West Bank, Gaza”.
