At least 25,000 US government workers had their personal data compromised in the cyber attack that hit one of Homeland Security Department’s key federal contractor’s database in early August.
According to Reuters, the US Investigations Services, a company that does background checks for the Department of Homeland Security, was hit by a data breach in the first week of August which exposed personal information of the employees at the Department of Homeland Security’s headquarters as well as its US Immigration and Customs Enforcement and US Customs and Border Protection units.
The company acknowledged the attack as having “all the markings” of a state-sponsored hacking, however refrained to say as where the cyber attack actually originated, how many records had been compromised in total or which agencies were affected. The compromised data includes employees’ Social Security numbers, education and criminal history, birth dates, information about spouses, friends and other relatives including their names and addresses.
Although it’s unclear as for what purpose hackers could use the information for, Dmitry Alperovitch of the cybersecurity firm CrowdStrike said the data could be used by foreign intelligence departments to intimidate or blackmail government employees.
The Department of Homeland Security has halted all work with USIS since the breach was disclosed as a multi-agency investigation has been launched by the government to identify the scope of the attack. The FBI has also initiated an investigation. There are also chances that the number of employees “impacted” by the computer breach could increase.