Data Breach Compromised 250,000 PII of U.S. Department of Homeland Security Employees, Witnesses
The United States Department of Homeland Security (DHS) confirmed that it suffered a data breach that compromised the personally identifiable information (PII) of 250,000 DHS employees and individuals involved in ongoing DHS criminal investigations, including witnesses.
In May 2017, the DHS discovered that the data was in the possession of a former DHS Office of the Inspector General (OIG) employee who was part of an ongoing criminal investigation. However, the DHS stressed that the data was not stolen in a cyberattack nor was it compromised due to malicious activity. The compromised information included the PII of people employed by DHS in 2014, along with group subjects such as government employees, witnesses, and complainants who had ties with the DHS OIG investigations from 2002 to 2014.
In addition to employee data, other investigative data was put at risk. The data included information on subjects, witnesses, and complainants comprising DHS and non-DHS employees. The compromised data of non-DHS employees reportedly include Social Security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, and residential addresses.
Last December, the DHS sent notification letters to those who may have been affected by the breach. The DHS didn’t announce the breach right away due to the nature of the criminal investigation. Moreover, the DHS did not reveal the identity of the former employee and the scope of the investigation.
It’s not the first time that the DHS suffered a data breach. Early last year, hackers used social media to brag about a data dump that exposed details of 20,000 Federal Bureau of Investigation employees and 10,000 DHS employees. The stolen information included names, titles, phone numbers, and e-mail addresses. According to the hackers, they mined the information from a Department of Justice database.
What can happen to stolen identification?
PII contains data that can distinguish or identify a specific individual, making it one of the most commonly stolen types of data. Cybercriminals can use the information to file fraudulent income tax returns or apply for loans under the victim’s name. Hackers can also sell the information to marketing firms or companies that specialize in spamming.
PII has monetary value in the underground market, with prices depending on how useful it will be for fraudsters. To avoid exposing employees and customers to identity theft, users and organizations should secure personal information they store or process.
What best practices can organizations do to prevent data breaches?
Organizations should assume that breaches can happen, so investing effort into implementing security policies and guidelines and letting employees know about them is important. Moreover, staff training and awareness efforts can also help prevent data breaches.
Some of the preventive measures organizations can implement:
- Adding layers of security such as two-factor authentication (2-FA).
- Enforcing the principle of least privilege by restricting how attackers can move within the system or network by using firewalls, network segmentation, and data categorization.
- Reducing the attack surface by backing up data and securing tools that maintain applications, networks, and systems that are used to store and manage data.
- Securing gateways.
- Ensuring that operating systems and applications are always up-to-date.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale