US Department of Homeland Security has made it official that a database used by Homeland Security’s Office of the Inspector General was breached affecting more than 240,000 Homeland Security Employees.
The leak includes data related to DHS Office of Inspector General (OIG) Case Management System (CMS) affecting all the 247,167 individuals employed by the Homeland Security in 2014 and individuals such as subjects’ witnesses and complaints related to the investigations carried out by DHS from 2002 to 2014.
The law enforcement agency has issued a statement on Wednesday saying that all the affected individuals were notified about the breach through a letter. It further added in its statement that the breach was not a result of a cyber attack carried our state-funded actors and available evidence indicates that the said database was not the primary target of the unauthorized access.
Cybersecurity Insiders has learned that the incident was identified by DHS on May 10th, 2017 when it discovered a duplicate copy of its CMS in the possession of a former DHS OIG Employee- all a part of an ongoing criminal investigation.
Notification letters about the breach were distributed to the affected individuals of December 15th, 2017 and reached most of them by December 18, 2017.
After the incident, DHS has started the implementation of stringent security measures to limit the individuals having access to the critical info.
