- The explosion at a bull semen factory generated a lot of obvious jokes 2 Years Ago
- Jessica Jaymes, adult film star, dead at 43 2 Years Ago
- How to stream Falcons vs. Colts in Week 3 Today 4:05 PM
- Beto O’Rourke says he opposes police use of facial recognition tech Today 4:01 PM
- Lawsuit alleges woman was kidnapped by Lyft driver and gang-raped Today 3:19 PM
- Facebook and Ray-Ban want to replace smartphones with smart glasses Today 3:13 PM
- Sirfetch’d is the gallant new Pokémon winning everyone’s heart Today 3:09 PM
- Danielle Cohn’s dad says she’s not really 15 years old Today 2:14 PM
- Chilling ad by Sandy Hook Promise features kids using school supplies during a shooting Today 1:50 PM
- Don’t fall victim to this Venmo texting scam Today 1:18 PM
- Here’s what’s coming and going on Netflix in October 2019 Today 12:55 PM
- Marvel just turned Goldballs into one of the most powerful X-Men Today 12:33 PM
- Every house in ‘Skyrim’ and how to get them all Today 12:28 PM
- How to stream all the Week 3 NFL action Today 12:14 PM
- Taylor Swift has some thoughts on the end of ‘Game of Thrones’ Today 12:14 PM
The names, social security numbers, addresses, and other personal identifying information of more than 240,000 current and former U.S. Department of Homeland Security employees have been stolen.
The data breach of the DHS Office of Inspector General (OIG) Case Management System affected 247,167 employees in 2014 as well as subjects, witnesses, and complainants involved in investigations from 2002 to 2014, DHS wrote in a release on Wednesday.
While the amount of compromised data varies for each individual depending on the “documentation and evidence collected for a given case,” information stolen from non-employees could include “names, Social Security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews with DHS OIG investigative agents.” The stolen information on current and former employees includes “names, Social Security numbers, dates of birth, positions, grades, and duty stations.”
The department claims the information in this incident was not acquired from a cyberattack by an external actor. It’s still unclear how its systems were compromised. The department said it found an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee. It didn’t name the employee but said evidence indicates the stolen information was not their primary target. Regardless, the incident should raise red flags, especially for private citizens involved in legal disputes as witnesses or complainants.
The DHS knew about the data breach in May but chose not to notify those who were affected until it completed an investigation.
“The investigation was complex given its close connection to an ongoing criminal investigation,” the department wrote. “From May through November 2017, DHS conducted a thorough privacy investigation, extensive forensic analysis of the compromised data, an in-depth assessment of the risk to affected individuals, and comprehensive technical evaluations of the data elements exposed.”
As a response to the data breach, the DHS says it will implement additional security precautions to limit who can access its systems and quickly identify when it has been compromised.
All individuals potentially affected by the breach will be given 18 months of free credit monitoring and identity protection services. The DHS is sending notification letters out to all current and former employees whose information was stolen. However, it claims “technical limitations” prevent it from notifying “non-DHS employees.”
It did not specify how many private citizens were affected. If you were involved in a DHS OIG investigation between 2002 and 2014, you are eligible for credit monitoring. The DHS recommends you call AllClear ID at (855) 260-2767 for more information.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.