Hacker Allegedly Dumps Data of 9,000 DHS Employees

A hacker has claimed that he has dumped the details of some 9,000 Department of Homeland Security employees. The United States governments now has another security breach to deal with.

A hacker with a Twitter account has posted a dump containing personal details including names, email addresses, phone numbers and titles of over 9,000 DHS employees.

Motherboard published an article before the Twitter post came alive, detailing how the hacker had gained access to nearly 1TB of data from the Justice Department. The hacker obtained 200GB of data before contacting the website. He began by gaining access to a compromised email account prior to a failed attempt of logging into the staff portal. According to the hacker, he simply reached out to the relevant department to tell them that he was a new employee and did not know how to access the portal.

“So I called up, told them I was new and I didn’t understand how to get past [the portal],” the hacker told the outlet. “They asked if I had a token code, I said no, they said that’s fine—just use our one.”

Amazingly, the hacker was then given a code that granted him access to a virtual computer linked to the compromised email account. This virtual computer had access to the DOJ intranet, which contained personnel files including the details of nearly 10,000 employees. This information was revealed to Motherboard, prompting the publication to reach out to contact several employees detailed in the breach. As it turned out, most of the information leaked turned out to be legitimate.

Not intent on stopping there, the hacker also revealed via a tweet that he plans on revealing the data of 20,000 FBI employees soon.

 ‏@DotGovs  21h21 hours ago

Tomorrow we shall release 20,000 FBI employees data, including ones outside US. 🙂 #FreePalestine

It’s entirely likely that the hacker will go through on his claim of revealing the details of FBI employees.

The Department of Justice, Department of Homeland Security and the Federal Bureau of Investigation are yet to offer any public comment on the alleged breach.

Image credit: Wikimedia.