BreachExchange mailing list archives
DHS Data Leaked, Who’s Next?
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 8 Feb 2016 14:45:02 -0700
https://www.riskbasedsecurity.com/2016/02/dhs-data-leaked-whos-next/ Shortly after the Fraternal Order of Police (FOP) leak, we saw another potential leak from the same person that was allegedly from the National Aeronautics and Space Administration (NASA), concerning Drones. Since the FOP leak gained attention and was confirmed, this seemed like another breach that deserved examination. After analysis, it was determined that the group behind this leak was not accurate and it was just data from public records which can be accessed by anyone who visits asp-archive.arc.nasa.gov. While millions of people were busy watching Super Bowl 50, far fewer were watching what was going on in the Internet as more data was allegedly exposed. It started with a single tweet sharing that the Department of Justice had realized that they were compromised. Motherboard posted an article and shared details that they obtained including soon-to-be-leaked names, job titles, email addresses, and phone numbers of over 20,000 supposed Federal Bureau of Investigation (FBI) employees, as well as over 9,000 alleged Department of Homeland Security (DHS) employees. Their unnamed source also explained how the compromise occurred and then claimed to have downloaded hundreds of gigabytes of data from a Department of Justice (DOJ) computer as well. As we saw with the NASA drone data, sometimes leaks may not be what they appear to be on the surface, so the Motherboard article goes on to say that they placed several calls to the numbers and the names on the list appeared to match. The data itself was then leaked a little over an hour after the Motherboard article was published. To verify further, RBS researches quickly placed a few calls as well, and all calls went to voicemail and confirmed the names matched the list. When looking further at the list that was leaked, we found: 1,084 Specialist positions such as DHS Information Assurance Specialist, DHS IT Security Specialist and DHS Administrative Specialist 503 Officers positions such as DHS Committee Management Officer and DHS Senior Liaison Officer 716 Security positions such as Physical Security Division, Cargo Security, and IT Security Specialist. As the Super Bowl was coming to an end, without any cyber attack that we know about, or any sort of power outage, only the staff list at DHS has been released. However, it appears that there is more to come very soon. In this case, based on what we have seen with confirmation of the initial list, we believe the threat of further leaks to be credible. We aren’t the only ones that believe there is more than just DHS data compromised at this point. A well known Anonymous account published a few screen captures and the following message claiming the FBI and DOJ are compromised as well. Update 2/8/2016 @4:11pm It appears that 22,175 FBI employee names, titles, phone numbers, and email addresses have been published as promised. At the time of this update, the list was posted includes names up until the last name “Jenkins“. With what appears to be a steady stream of more leaked data to come, the Department of Justice and its 60 sub-agencies will need to react quickly to determine the extent of the leak, and if it will impact their operations. On the heels of theOffice of Personnel Management breach, this is yet another reminder of the severity of such information becoming public.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Need access to data breach details or alerts when new breaches happen? Risk Based Security's Cyber Risk Analytics portal, fueled by the RBS breach research team, provides detailed information on how data breaches occur and which vendors to trust. Contact us today for a demo.
Current thread:
- DHS Data Leaked, Who’s Next? Audrey McNeil (Feb 08)