Data Breach Hits DHS Workers

Friday, January 5, 2018 @ 01:01 PM gHale


Almost one quarter of a million Department of Homeland Security (DHS) workers fell victim to an “unauthorized transfer of data.”

The privacy incident involved a database used by the DHS Office of the Inspector General (OIG) stored in the DHS OIG Case Management System.

RELATED STORIES
DHS’ Cyber Threat Info Sharing Needs to Improve
Framework Publishes for Cyber-Physical Systems
Smart Grid Interoperability Test
Utility Execs Fear Grid Attacks: Report

The incident affected 247,167 current and former federal employees employed by DHS in 2014. The exposed personally identifiable information (PII) of these individuals includes names, Social Security numbers, birth dates, positions, grades, and duty stations.

Individuals associated with DHS OIG investigations from 2002 through 2014, which includes subjects, witnesses, and complainants, were also affected by the incident, DHS said.

The PII associated with these individuals varies depending on the documentation and evidence collected for a given case and could include names, social security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews.

The data breach wasn’t the result of an external attack, the DHS claims. The leaked data was found in an unauthorized copy of the DHS OIG investigative case management system in the possession of a former DHS OIG employee.

The data breach ended up discovered on May 10 as part of an ongoing criminal investigation conducted by DHS OIG and the U.S. Attorney’s Office.

The Department said notification letters were sent to select DHS employees to inform them they might have been impacted. DHS also said it conducted a thorough privacy investigation, a forensic analysis of the compromised data, and assessed the risk to affected individuals before making the incident public.

Following the incident, the DHS said it is implementing additional security precautions to limit access to the type of information that was released in this incident and to better identify unusual access patterns.



Leave a Reply

You must be logged in to post a comment.