Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

DoJ Investigating Leak of FBI, DHS Employee Details

The United States Department of Justice has launched an investigation after a group of pro-Palestine hackers leaked what appear to be the details of nearly 30,000 employees of the Department of Homeland Security (DHS) and the Federal Bureau of Investigations (FBI).

The United States Department of Justice has launched an investigation after a group of pro-Palestine hackers leaked what appear to be the details of nearly 30,000 employees of the Department of Homeland Security (DHS) and the Federal Bureau of Investigations (FBI).

The attackers first leaked the records of roughly 9,000 DHS employees and later published a document containing information on more than 20,000 FBI employees. The records consist of names, email addresses, phone numbers and job titles.

Vice’s Motherboard, the website that broke the news, called some of the individuals whose details have been leaked and confirmed that at least some of the information is accurate.

The attackers claimed to have obtained the information after compromising the email account of a Department of Justice employee. The leaked details were allegedly obtained from a database hosted on a DoJ intranet.

The hackers claimed to have gained access to a total of 1TB of data, but only downloaded 200GB of files. They said they also obtained military emails and payment card data, but provided no proof to support their claims.

“The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information. This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information,” Peter Carr, Department of Justice spokesman, told SecurityWeek in an emailed statement.

“The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation,” Carr added.

Most of the leaked information does not seem to be publicly available online, but that does not necessarily mean the attackers actually gained access to sensitive DoJ systems. Hackers whose goal is to attract attention — whether it’s for a cause or simply to boost their reputation — are known to get creative when leaking “sensitive” information.

Advertisement. Scroll to continue reading.

Last week, hackers published the details of NASA employees and other information they claimed to have obtained after breaching the space agency’s systems. NASA investigated the claims and determined that the leaked information was publicly available through its open data websites.

On the other hand, hackers gaining access to the email accounts of U.S. government employees, including high-ranked officials, is not unheard of. Last year, someone breached the private AOL account of CIA chief John Brennan and released some documents.

Related: Documents Leaked Following U.S. Police Union Hack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Raffi Joukhadarian has been named Managing Director and Chief Financial Officer at MorganFranklin Cyber.

Data security firm Rubrik has appointed Kavitha Mariappan as its Chief Transformation Officer.

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.