Report: Hackers steal, post details on 9,000 DHS employees
Today the hacker posted the details on Twitter along with a screenshot of a warning page allegedly from a Department of Justice computer (shown above).
Motherboard writer Joseph Cox writes that Sunday he received the stolen personal data, some of which came from a single Department of Justice computer hacked using a compromised email account and social engineering.
Cox wrote he checked out the accuracy of the personal information by calling up some of the numbers at random, and in many cases reached voicemail of the persons named or they picked up the phone themselves.
The hacker told Cox that after he compromised the email account of a Department of Justice employee, he tried but failed to log into a DoJ Web portal, then social-engineered an employee into giving him credentials.
The hacker said, “So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said that's fine—just use our one,” according to the story. From there he moved laterally using the credentials of the hacked email account and reached the work computer of the person whose email he hacked as well as resources on the LAN.
The hacker downloaded 200GB of data from the machine and had access to 1TB, but “couldn’t take all of” it, the story says.
Last year similar details about military personnel were released by a group claiming to be affiliated with ISIS, but at least some of that turned out to be publicly available. Also last year millions of personnel records were stolen from the federal Office of Personnel Management that included Social Security numbers and fingerprints.