Hackers Made Off With Massive FBI, DHS Employee Database

A rogue hacker group managed to penetrate the US Department of Homeland Security (DHS) secure network and make off with a database containing the personal information of over nine thousand DHS employees. They allegedly possess a similar database of over 20,000 FBI employees, both containing names, job titles, email addresses, and phone numbers. The hackers also claim to have acquired “hundreds of gigabytes of data from a Department of Justice (DOJ) computer,” Motherboard reports.

Motherboard obtained a large, random selection of the soon-to-be-leaked data, and attempted to verify its authenticity. “Many of the calls went through to their respective voicemail boxes, and the names for their supposed owners matched with those in the database. At one point, Motherboard reached the operations center of the FBI, according to the person on the other end,” Joseph Cox writes for the magazine.

Details of the breach were originally posted to Cryptobin, an encrypted text-sharing website, the Telegraph reports.

The hackers, who wished to remain anonymous, allege they have information on “all Homeland Security employees.” The DHS employs some 240,000 people, in contrast with the 9,355 entries in the database. Many – though not all – of the entries correspond to actual DHS employees.

One of the hackers behind the attack is a former member of Lizard Squad, the group that brought down Xbox Live and the Sony PlayStation on Christmas 2014. He detailed how he first gained access to the secure networks through a simple, unsophisticated phishing email and a quick call to a member of staff at the US Department of Justice. Once inside the network, he found and downloaded the database.

The info was posted with the message: “This is for Palestine, Ramallah, West Bank, Gaza, this is for the child that is searching for an answer.”

A DHS spokesman said they were “looking into the reports.”

“We take these reports very seriously, however there is no indication at this time that there is any breach of sensitive or personally identifiable information.”

One would think that the personally identifiable information already posted would be indication enough.