- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
- Facebook and Google could be tracking you on porn sites Friday 1:42 PM
- 7 best sites for psychic love readings Friday 1:20 PM
- Driver demonstrates why you always need to read road signs Friday 12:58 PM
- Area 51 remix video proves it’s the summer of Lil Nas X Friday 12:26 PM
- ‘ICE will come’: Convenience store clerk threatens customers speaking Spanish Friday 12:11 PM
- Rand Paul dodges questions about 9/11 Victims Fund, says ‘watch Fox News’ Friday 11:51 AM
- Report: ‘Stranger Things’ season 4 to begin shooting in October Friday 11:03 AM
- AT&T paid Michael Cohen to consult on net neutrality, FBI documents show Friday 9:10 AM
- Mysterio’s ruse changes on a second viewing of ‘Far From Home’ Friday 9:06 AM
- Twitter overturns Barrett Brown’s third permanent suspension Friday 8:49 AM
- How to live stream Liga MX Friday 7:56 AM
Names, addresses, and social security numbers were stolen.
The names, social security numbers, addresses, and other personal identifying information of more than 240,000 current and former U.S. Department of Homeland Security employees have been stolen.
The data breach of the DHS Office of Inspector General (OIG) Case Management System affected 247,167 employees in 2014 as well as subjects, witnesses, and complainants involved in investigations from 2002 to 2014, DHS wrote in a release on Wednesday.
While the amount of compromised data varies for each individual depending on the “documentation and evidence collected for a given case,” information stolen from non-employees could include “names, Social Security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews with DHS OIG investigative agents.” The stolen information on current and former employees includes “names, Social Security numbers, dates of birth, positions, grades, and duty stations.”
The department claims the information in this incident was not acquired from a cyberattack by an external actor. It’s still unclear how its systems were compromised. The department said it found an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee. It didn’t name the employee but said evidence indicates the stolen information was not their primary target. Regardless, the incident should raise red flags, especially for private citizens involved in legal disputes as witnesses or complainants.
The DHS knew about the data breach in May but chose not to notify those who were affected until it completed an investigation.
“The investigation was complex given its close connection to an ongoing criminal investigation,” the department wrote. “From May through November 2017, DHS conducted a thorough privacy investigation, extensive forensic analysis of the compromised data, an in-depth assessment of the risk to affected individuals, and comprehensive technical evaluations of the data elements exposed.”
As a response to the data breach, the DHS says it will implement additional security precautions to limit who can access its systems and quickly identify when it has been compromised.
All individuals potentially affected by the breach will be given 18 months of free credit monitoring and identity protection services. The DHS is sending notification letters out to all current and former employees whose information was stolen. However, it claims “technical limitations” prevent it from notifying “non-DHS employees.”
It did not specify how many private citizens were affected. If you were involved in a DHS OIG investigation between 2002 and 2014, you are eligible for credit monitoring. The DHS recommends you call AllClear ID at (855) 260-2767 for more information.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.