Dark Web ID Tracks and Identifies DHS and FBI “Data Dumps” Immediately After Release

Share Article

Dark Web ID monitoring tool tracked and identified DHS and FBI employee data immediately after hackers released earlier this week.

ID Agent

ID Agent, A Division of Winvale

“We see it happen time and time again, hackers are gaining access to major databases because organizations often overlook the human factor in their cybersecurity posture." - Kevin Lancaster, CEO, ID Agent

Last weekend, more than 9,300 Department of Homeland Security (DHS) employees’ personal information was leaked online, all stemming from an apparent data breach to the DHS networks. Not only were those identities exposed, but the Twitter user that publicized the information immediately followed suit by exposing an additional 22,000 Federal Bureau of Investigation (FBI) employees’ information. Dark Web ID was able to track and identify this information immediately after hackers released it online.

Employee information included names, titles, email addresses and phone numbers, putting individuals at high risk for identity theft and ultimately risking exposure for sensitive data the DHS and FBI networks may hold, jeopardizing national security. These are seemingly two of the U.S.’s most protected databases, so how in the world did they get infiltrated? The short answer for this incident and many in the current cyber landscape – through just one employee’s email account.

“It only takes one employee’s data to find the key to the castle – no matter how protected the walls are,” said Kevin Lancaster, ID Agent chief executive officer. “We see it happen time and time again, hackers are gaining access to major databases because organizations often overlook the human factor in their cybersecurity posture. One employee gets compromised and that’s all it takes to bring those castle walls down.”

The Key to Two of the Most Protected Castles

The DHS and FBI hackers got into the systems by compromising a single email account on the Department of Justice (DOJ) network. It doesn’t take a seasoned IT professional to see how easy it would be to navigate to other networks given this kind of access. These targeted attacks are happening more often and are complicating the way organizations determine how secure their networks are.

Taking Immediate Action in the Case of a Breach

At the time the leak was initially being publicized, ID Agent was able to track and identify the “data dumps” immediately after they were released. While hackers’ motives vary and cyber incidents only are able to be prevented to a certain degree, deploying a monitoring tool like Dark Web ID can help an organization take action in the case they fall victim to a cyber crime and quickly deploy a breach response. It’s time both the C-suite and Security teams start to take threat intelligence seriously. As soon as this type of data is published, organizations need to be notified.

ID Agent also provides pre- and post-breach identity monitoring for employees – a now tax-free benefit – to add another important layer to an organization’s breach plan. Keep in mind that this incident is not isolated in exploiting an individual employee’s email address to access the greater network, or in this case, multiple networks.

About ID Agent

ID Agent is a division of The Winvale Group, headquartered in Washington, D.C., whose mission is to better protect your organization, your employees and the customers you serve. For more than a decade, Winvale has been supporting both government agencies, and the contractors that serve them, with comprehensive compliance, security solutions and services. Winvale’s ID Agent & Dark Web ID solutions are used by global leaders in the finance, legal and security industries as well as the public sector to monitor corporate and individual identities.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Beatrice Livioco
Visit website