Did a hacker really pwn the FBI, US Homeland Security and the DoJ?
Do we have another OPM disaster, or a NASA hack redux?
Water cooler My Twitter feed's blowing up! My dad's calling about it because even the New York Times is writing about it. The FBI, the US Dept of Homeland Security and the Dept of Justice all got hacked over the weekend? What the hell, man?
Uh-huh. On Sunday, a mystery hacker claimed to have details on more than 29,000 employees of the Department of Homeland Security and the FBI. The data was later dumped online, exposing the names, job titles, office phone numbers, and work email addresses of the employees.
That just sounds like directory information.
Indeed. It seems these records, at least, are not something terribly sensitive and, in some cases, that contact info could already be available for people to look up online. The data may even have been scraped from the public unclassified web. By itself, it's not a hugely damaging collection, though the hacker claims to have a lot more data.
Well, the miscreant claims to have obtained hundreds of gigabytes of data thanks to a compromised DoJ email account, although there is no hard proof an inbox was hijacked. Allegedly, someone was able to log into a DoJ staff-only portal using this account, and pull up internal information. Precisely what all those gigabytes of data cover, how sensitive it all is, and whether the hacker still has access is unknown. As we've seen in recent incidents, not all hacked info is worthy of mass hysteria.
Wait, go back. This person hacked a DOJ account? That's really bad!
Possibly, but here's where things get murky. The DoJ information, supposedly 200GB, was taken from a single hacked account, and it has not been released yet. We don't know what, if any, sort of clearance this account may have had to view sensitive information – or if any data was really taken. It's claimed the account was verified by sending an email from the DoJ address to a Vice reporter, although addresses can be spoofed.
There's also the fact that the DoJ doesn't think anything is amiss. A spokesperson provided the following statement to El Reg:
The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information. This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information.
So, this could be a really bad situation for Uncle Sam. Or just a pretty bad situation. Or not much of anything at all.
Indeed. Should the hacker produce 200GB of internal documents, the DoJ will have a huge mess on its hands. As it stands, however, thus far the only information we have is the directory info for a lot of government employees.
Well, that doesn't clear up much of anything!
Glad we could help. ®