Apparent names, job titles, contact information of 9,000 Department of Homeland Security employees posted on Twitter.
The US Department of Justice has yet to confirm a cyberattack that appears to have resulted in a leak of 9,000 US Department of Homeland Security employees' names, titles, email addresses, and phone numbers released on Twitter Monday with a pro-Palestinian message. The anonymous hacker told Motherboard Sunday that he has similar information on 20,000 FBI employees as well; 200 GB of data in total.
Motherboard obtained the database from the hacker Sunday, before it was leaked, dialed some of the numbers, and confirmed that some of them were the correct contacts for the individuals or departments listed. At one point they report they were connected to the Bureau's operations center.
The hacker told Motherboard his first step was compromising the email account of a DoJ employee -- which he then used to contact the reporter. When the email credentials did not enable him to obtain access to the DoJ Web portal, he turned to social engineering. He says he called the appropriate department claiming to be a new employee having trouble accessing the portal, and they allowed him to use their token.
The attacker also told Motherboard that when he ultimately compromised the user's entire machine, he had access to 1 T of data -- which he claims included credit card numbers and military emails -- but that although he could access it, he couldn't take all of it. Motherboard was never sent this data.
For more information, see Motherboard's story.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024