The United States Department of Homeland Security (DHS) confirmed that it suffered a data breach that compromised the personally identifiable information (PII) of 250,000 DHS employees and individuals involved in ongoing DHS criminal investigations, including witnesses.
In May 2017, the DHS discovered that the data was in the possession of a former DHS Office of the Inspector General (OIG) employee who was part of an ongoing criminal investigation. However, the DHS stressed that the data was not stolen in a cyberattack nor was it compromised due to malicious activity. The compromised information included the PII of people employed by DHS in 2014, along with group subjects such as government employees, witnesses, and complainants who had ties with the DHS OIG investigations from 2002 to 2014.
In addition to employee data, other investigative data was put at risk. The data included information on subjects, witnesses, and complainants comprising DHS and non-DHS employees. The compromised data of non-DHS employees reportedly include Social Security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, and residential addresses.
Last December, the DHS sent notification letters to those who may have been affected by the breach. The DHS didn’t announce the breach right away due to the nature of the criminal investigation. Moreover, the DHS did not reveal the identity of the former employee and the scope of the investigation.
It’s not the first time that the DHS suffered a data breach. Early last year, hackers used social media to brag about a data dump that exposed details of 20,000 Federal Bureau of Investigation employees and 10,000 DHS employees. The stolen information included names, titles, phone numbers, and e-mail addresses. According to the hackers, they mined the information from a Department of Justice database.
What can happen to stolen identification?
PII contains data that can distinguish or identify a specific individual, making it one of the most commonly stolen types of data. Cybercriminals can use the information to file fraudulent income tax returns or apply for loans under the victim’s name. Hackers can also sell the information to marketing firms or companies that specialize in spamming.
PII has monetary value in the underground market, with prices depending on how useful it will be for fraudsters. To avoid exposing employees and customers to identity theft, users and organizations should secure personal information they store or process.
What best practices can organizations do to prevent data breaches?