One of the most frightening threats today is the idea of an anonymous cyber criminal breaking into your files or online information. Besides dealing with the feeling of violation that comes with a stranger rifling through your most personal details, the hacker could have nefarious activities in mind – and could use your data to support these purposes.
Now, imagine that a cyber attacker hasn't just breached your personal information – this person has also divulged these details publicly for all to see. This opens the doors to a range of new and panic-inducing possibilities, particularly when it comes to identity theft.
This was the startling reality that employees of the FBI and Department of Homeland Security have had to deal with lately, after their personal information was exposed by hackers.
30,000 victims' data leaked
Although the event is still being investigated, numerous sources report that hackers first broke into DHS systems. After leaking the information of nearly 10,000 DHS staff members, cyber criminals moved on to attack the FBI.
As Trend Micro reported, the subsequent breach resulted in the leakage of details about an additional 20,000 federal workers, bringing the total victims to 30,000 individuals.
Taunting victims and making good on threats
However, before the FBI employees' data was exposed, hackers took to social media to brag about their conquest. According to Trend Micro, this began with a simple, yet matter-of-fact tweet posted Sunday through the account @DotGovs:
"Well folks, it looks like @TheJusticeDept has finally realized their computer has been breached after 1 week."
After completing the second data dump of FBI personnel details, attackers announced their activity once again.
"FBI and DHS info is dropped and that's all we came to do, so now its time to go, bye folks! #FreePalestine," hackers tweeted.
CNN noted that the taunting continued after the breach and publication of information with another tweet, which points to possible motivation for the attacks:
"When will the US government realize we won't stop until they cut relations with Israel."
Unauthorized access exposes an array of details
While only scant details are currently available about the hack, Trend Micro reported that hackers were able to mine information – including names, titles, phone numbers and email addresses – after breaking into the Department of Justice's database. After the leakage, research showed that certain names and information released were, in fact, credible and belonged to FBI employees.
"Job titles found in the database were task force officers, special agents, intelligence analysts, contractors, biologists, technicians, language specialists, among others," Trend Micro stated. "[T]he data were said to have been acquired after an email account of one of the employees of the department was compromised. Through this, over 200GB of files were amassed, a large chunk of which remains unpublished."
It appears that, for now, DHS employees were a bit luckier. The hack is still under investigation, but so far, no sensitive information has been stolen.
"The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information," Department spokesperson Peter Carr said, according to Trend Micro. "This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation."
As this and other recent events show, the protection of personal information is currently more critical than ever.