Energy Department Updates Breach Count, Says 53,000 AffectedDOE offers employees a free year of identity theft monitoring services after hackers steal personal info, including social security numbers.
9 Android Apps To Improve Security, Privacy (click image for larger view)
The Department of Energy (DOE) has confirmed reports that it suffered a data breach in July that lead to the theft of employees' personally identifying information (PII).
"The department has now identified approximately 53,000 past and current federal employees, including dependents and contractors, whose name, social security number, and date of birth were compromised by this cyber incident," read a July 2013 Cyber Incident breach notification posted Friday to the DOE's public-facing website.
The July breach involved an outdated, publicly accessible ColdFusion system known as DOEInfo, which sources said hadn't been patched against known vulnerabilities. DOEInfo is an employee database owned and maintained by the agency's Office of the Chief Financial Officer.
"Based on the findings of the department's ongoing investigation into this incident, we do believe PII theft might have been the primary purpose of the attack," according to the notification. "Accordingly, the Department encourages each affected individual to be extra vigilant and to carefully monitor bank statements, credit card statements, emails and phone calls relating to recent financial transactions."
[ How dependable are iris scans? Read Iris Scans: Security Technology In Action. ]
In a phone interview Tuesday, an agency spokeswoman said that all affected employees have been offered a free year of identity theft monitoring services.
As is standard practice, the DOE breach is being investigated by the agency's Cybersecurity office, the Office of Health, Safety and Security, and the Inspector General's office, as well as federal law enforcement agencies. "Once the full nature and extent of this incident is known, the Department will implement a full remediation plan," said the notification.
1 of 2