Secret Service Investigates Breach at U.S. Govt IT Contractor

[InfoSec News <alerts () infosecnews org>]

https://krebsonsecurity.com/2019/09/secret-service-investigates-breach-at-u-s-govt-it-contractor/

By Brian Krebs
Krebs on Security
September 9, 2019

The U.S. Secret Service is investigating a breach at a Virginia-based 
government technology contractor that saw access to several of its systems put 
up for sale in the cybercrime underground, KrebsOnSecurity has learned. The 
contractor claims the access being auctioned off was to old test systems that 
do not have direct connections to its government partner networks.

In mid-August, a member of a popular Russian-language cybercrime forum offered 
to sell access to the internal network of a U.S. government IT contractor that 
does business with more than 20 federal agencies, including several branches of 
the military. The seller bragged that he had access to email correspondence and 
credentials needed to view databases of the client agencies, and set the 
opening price at six bitcoins (~USD $60,000).

A review of the screenshots posted to the cybercrime forum as evidence of the 
unauthorized access revealed several Internet addresses tied to systems at the 
U.S. Department of Transportation, the National Institutes of Health (NIH), and 
U.S. Citizenship and Immigration Services (USCIS), a component of the U.S. 
Department of Homeland Security that manages the nation’s naturalization and 
immigration system.

Other domains and Internet addresses included in those screenshots pointed to 
Miracle Systems LLC, an Arlington, Va. based IT contractor that states on its 
site that it serves 20+ federal agencies as a prime contractor, including the 
aforementioned agencies.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_