DHS Office of Inspector General Case Management System Privacy incident shows 246,167 Federal Government employees’ personal sensitive information and the DNS believes that such cyber attacks are not made by outside actors.The incident disclosed the personally identifiable information of these individuals, including their names, social security numbers, date of birth, positions, grade and duty station.The impact of data breaches will only be affected when employed by the Department of Homeland Security in 2014 or with the Department of Homeland Security OIG survey 2002-2014.Discovery of Unauthorized Activities On May 10, 2017, when DHS conducted a criminal investigation by DHS OIG and the United StatesIn this survey, Homeland Security OIG found a copy of an unauthorized system of investigative case management owned by former OIG employees at DHS.
All in all, from 2002 to 2014, there are approximately 247,167 data for current and former DHS employees, as well as the number of undeclared subjects, witnesses, and complainants associated with the DHS OIG survey in one of three home computer servers Industry Insiders. The incident was the result of an attempted inside job by three DHS OIG employees who, according to the New York Times, stole the OIG’s computer system with the plan to “modify the proprietary software for managing investigative and disciplinary cases, so that they could market and sell it to other inspector general offices across the federal government.”
Compromised Data includes:
- Name, social security number, date of birth, position, rank, place of work, etc.
- Name, social security number, alien registration number, date of birth, email address, telephone number, and personal address associated with the survey, as well as any personal information they may provide in interviews with DHS OIG investigative agencies.
This Incident has been identified in 2 group category.first group incident consists of approximately 247,167 current and former federal employees that were employed by DHS in 2014.
The second group is comprised of individuals (i.e., subjects, witnesses, and complainants) associated with DHS OIG investigations from 2002 through 2014 (the “Investigative Data”).
According to the information provided by the Office, “there is evidence that the personal information of affected individuals is not the primary goal of unauthorized data transfer without authorization.”
However, the Department of Homeland Security is providing 18 months of free credit monitoring and identity protection to all individuals who may be affected by the incident.
THIS TOKEN COMPENSATION WILL NOT BE ENOUGH TO COMPENSATE THE PERSONAL AND NATIONAL SECURITY ENDANGERMENT TO BE PLACED TO EMPLOYEES AND FORMER EMPLOYEES FOR YEARS TO COME!
MORE TO FOLLOW…
Why do they notify affected individuals to send so late?
Affected employees are contacted directly, but due to technical constraints, the department is unable to send notifications to individuals who have other data breaches. They want to get in touch with the AllClear ID service to take advantage of this offer.
The Department of Homeland Security said they did not give notice by December 2017 because “the investigation is complex because it is closely linked to ongoing criminal investigations.” They spent their time until November, completing the forensic analysis of the damaged data to affected people.
To prevent such incidents from happening again, they have implemented additional security precautions to limit who has access to such information and better identify unauthorized access patterns for authorized users through additional network controls.
The following are quotes from authoritative sources
“If this isn’t a case of poorly governed access to applications and data, I don’t know what is. Governing access to data (and applications) is the process of ensuring only the right people have the right access to the right data (and apps) at the right time – and you can prove it. It seems that DHS has failed on this account by allowing the wrong person to have access to inappropriate data…and their auditing infrastructure was unable to show it,” noted Daniel Conrad, Identity and Access Management Specialist at One Identity.
“Had DHS acquired and deployed a robust identity and access management platform, it may have been able to avert this calamity by first, ensuring only the right people have access to this type of sensitive data. Secondly, a robust framework would also have strong auditing and segregation of duties and capabilities that may have alerted the right people at DHS that this volume of sensitive data was ‘leaving the building.’”
DHS OIG has also implemented a number of security precautions to further secure the DHS OIG network.
DHS insider breach resulted in theft of personal info of staff and people involved in investigations
The US DHS Office of Inspector General (OIG) has confirmed that the “privacy incident” discovered in May 2017 resulted in the theft of personally identifiable information of DHS employees and individuals associated with investigations. The incident was the result of an attempted inside job by three DHS OIG employees who, according to the New York Times, stole the OIG’s computer system with the plan to “modify the proprietary software for managing investigative and disciplinary cases, … More →… DHS insider breach resulted in theft of personal info of staff and people involved in investigations
U.S Department of Homeland Security Data Breach Affected 246,167 Federal Government Employees
DHS Office of Inspector General Case Management System Privacy incidents revealed 246,167 Federal Government Employees personal sensitive information and DNS believes that this cyber-attack not by external actors. This incident exposed PII for these individuals includes names, Social Security numbers, dates of birth, positions, grades, and duty stations. Data breach impact has been only affected the employees if… U.S Department of Homeland Security Data Breach Affected 246,167 Federal Government Employees
If you like to receive more of these curated news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Commentaries