Contact information for more than 10,000 employees of the Departments of Justice and Homeland Security was dumped onto the Web Sunday and Monday by an anonymous pro-Palestinian hacker or hackers.
A Department of Justice spokesman confirmed the breach was being investigated, but played down the severity, saying there was no evidence personal data like birth dates or Social Security numbers had been compromised.
The hacker shared the information via Twitter, pointing people to two posts on CryptoBin, a plain-text storage website. The first post, Sunday night, listed names, job titles, work email addresses and phone numbers for almost 9,000 DHS employees. The range of job titles is wide, including IT specialists, budget analysts, procurement officers, various directors and senior advisors.
The second dump, Monday afternoon, contained names, job titles, work email addresses and phone numbers, apparently of FBI employees. The list contains names in alpha order beginning with “Abruzzino” and running through to “Jenkins.” Earlier Monday, the hackers had threatened a second dump, which they said would contain information on 20,000 FBI employees.
The first dump was shared by the hackers Sunday with Motherboard, which checked and found that much of it was accurate. FedScoop also viewed that list, verifying accurate contact info for a number of employees. However, the list looks dated, as a number of officials currently employed at DHS do not seem to be included.
The hackers told Motherboard the information was accessed by compromising the email account of a Justice Department official through social engineering. When they could not access a department Web portal, they called someone inside the department who gave them further permissions. From there, the hackers downloaded 200 gigabytes of contact data out of a possible 1 terabyte that was viewed.
“I had access to it, I couldn’t take all of the 1TB,” the hacker told Motherboard, saying he wished to remain anonymous.
The hacker said some of the files’ contents included military emails and credit card numbers, but officials played down the severity of the apparent breach.
“We take these reports very seriously, however there is no indication at this time that there is any breach of sensitive or personally identifiable information,” DHS spokesman S.Y. Lee said in a statement.
“The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information,” said Justice Department Spokesman Peter Carr. “However, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information.
“Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation,” Carr concluded.
At the beginning of the first CryptoBin post, the hackers claim, “This is for Palestine, Ramallah, West Bank, Gaza, This is for the child that is searching for an answer.” The sentiments are similar to the motives expressed by hackers who broke into the email accounts of CIA Director John Brennan and Director of National Intelligence James Clapper, though rather more muted in tone.
This story has been updated to include comment from DHS and DOJ, and to reflect the second dump of contact information.
Contact the reporter on this story via email at firstname.lastname@example.org, or follow him on Twitter at @gregotto. His OTR and PGP info can be found here. Subscribe to the Daily Scoop for stories like this in your inbox every morning by signing up here: fdscp.com/sign-me-on.