US officials have been left red-faced yet again after an anonymous hacker claimed to have stolen the details of 29,000 government employees including FBI staffers.
The breached data included phone numbers, email addresses and job titles for 20,000 Department of Justice employees and a further 9,000 working for the Department of Homeland Security, according to a report on Motherboard.
The hacker is said to have compromised the email account of a DoJ employee, attempted to log in to a departmental portal and then phoned up the help desk when that failed.
Instead of being asked for a token, or forced to go through additional security, the hacker was given a passcode over the phone. From there he could log in remotely to the computer of the staffer whose email account he’d hacked, according to the report.
The databases of government employee information were apparently accessible from an intranet site.
However, subsequent reports have claimed the lists published online contained out-of-date information – including outdated job titles and individuals who left or retired long ago.
A DoJ spokesman told The Guardian the department was investigating the matter, but sought to downplay the seriousness of the attack.
“This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information,” he told the paper.
“The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation.”
The breach is certainly nothing like the scale of the successful attack on the Office of Personnel Management (OPM) last year, which breached the identities and personal information of over 21 million employees.
Nevertheless, the ease with which the hacker managed to access a departmental intranet will be a cause for concern.
Emily Orton, director at UK cyber intelligence firm Darktrace, argued that the incident shows once again that governments remain vulnerable to cybercrime.
“The reoccurrence of these high-profile breaches emphasizes just how inadequate current security tools are in protecting valuable data in the face of determined attackers,” she added.
“Today businesses are increasingly adopting an immune system approach, capable of identifying internal threats early, before a crisis is reached. It is clear that both private businesses and governments need to embrace this type of self-learning technology, given the advanced threat.”