247,000 DHS Employees Affected by Data Breach

04.01.2018 | 16:47
Information on nearly a quarter million Department of Homeland Security (DHS) employees was exposed as part of an "unauthorized transfer of data", the DHS announced.

The privacy incident involved a database used by the DHS Office of the Inspector General (OIG) which was stored in the DHS OIG Case Management System.

The incident impacted approximately 247,167 current and former federal employees that were employed by DHS in 2014. The exposed Personally identifiable information (PII) of these individuals includes names, Social Security numbers, birth dates, positions, grades, and duty stations.

Individuals (both DHS employees and non-DHS employees) associated with DHS OIG investigations from 2002 through 2014 (including subjects, witnesses, and complainants) were also affected by the incident, the DHS said.

The PII associated with these individuals varies depending on the documentation and evidence collected for a given case and could include names, social security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews with DHS OIG investigative agents.

The data breach wasn’t the result of an external attack, the DHS claims. The leaked data was found in an unauthorized copy of the DHS OIG investigative case management system that was in the possession of a former DHS OIG employee.

The data breach was discovered on May 10, 2017, as part of an ongoing criminal investigation conducted by DHS OIG and the U.S. Attorney’s Office.

“The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual’s personal information was not the primary target of the unauthorized exfiltration,” DHS explained.

The Department said that notification letters were sent to select DHS employees to inform them that they might have been impacted. DHS also says that it conducted a thorough privacy investigation, a forensic analysis of the compromised data, and assessed the risk to affected individuals before making the incident public.

Following the incident, the DHS says it is implementing additional security precautions to limit access to the type of information that was released in this incident and to better identify unusual access patterns.

“We will continue to review our systems and practices in order to better secure data. DHS OIG has also implemented a number of security precautions to further secure the DHS OIG network,” DHS notes.

Additional information for the affected individuals is available in an announcement and FAQ published on Jan 3.

By Ionut Arghire
DHS, Data Breach
Source securityweek.com

Comments (1)
  1. Added COMPOSITE HACKS 18.01.2018 | 05:20★COMPOSITE HACKS★

    If Truly you Are In Need Of A LEGIT PROFESSIONAL HACKER Who Will Get Your Job Done Efficiently With Swift Response, Congratulations, You Have Met the Right HACKERS.

    ★ WHO ARE COMPOSITE HACKS???
    • We are a Team Of Professional HACKERS , a product of the coming together of Legit Hackers from the Dark-Web (pentaguard, CyberBerkut, White Hack and Black Hat,) we have been existing for over 12years, our system is a very strong and decentralized command structure that operates on ideas and directives.

    ★ JOB GUARANTEE:
     • Frankly speaking, I always give a 100% guarantee on any job we are been asked to do, because we have always been successful in Almost all our jobs for over 12years and our clients can testify to that.
    The Problem we are Facing right now is that there are so many fake Hackers here online who are claiming what they are not, just to eat innocent people's money and Run away, But its only the SMART People that would be able to distinguish between these enormous Fake Hackers and the Few LEGIT HACKERS. I could remember there was a time i started hacking their emails and shutting it down, but at a point i observed that these scam hackers are enormous, how many of them am i gonna hack? I had to Leave them and Face my Job.
    - COMPOSITE HACKS is One of the Leading Hack Teams in the United States With so Many Awards from the IT Companies.


    ★ OUR HACKING CAPABILITIES:
    We Offer Varieties Of LEGIT Hacking Services With the Help Of Our Root HackTools, Special HackTools and Our Technical Hacking Strategies.
    - Below is a List Of Services we Render Often:
    ★Penetration Testing
    ★ Phishing
    ★ Jail Breaking.
    ★ Phone Hack: Giving you access to the Target's Call Log, messages, chats and all social media Apps .
    ★Retrieval Of Lost Files
    ★ Location Tracking.
    ★ Clearing Of Criminal Records.
    ★ Hacking Of Server, Database And website e.g Facebook, twitter, Instagram Snapchat etc

    ★ SOME OTHER SPECIAL SERVICES WE OFFER:
    ★ Bank Accounts Loading ( Only USA Banks)
    ★ Credit Cards Loading (Only USA CC's)
    ★ One Vanilla Cards Loading ($100 cards and above)
    ★ Sales Of HACKED/PROGRAMMED ATM Cards & CC's ( For All Countries.)

    ★ You can also contact us for other Cyber Attacks And Hijackings, we do almost All.

    ★Contact Us for Your Desired Service Via: compositehacks@gmail.com

    ★Our Website : www.compositehacks.blogspot.com

    ★We Treat Every Request With Utmost Confidentiality★
Leave comment:CaptchaRefresh verification code