icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm

250,000 staffers, suspects and witnesses affected by DHS data breach

250,000 staffers, suspects and witnesses affected by DHS data breach
A data breach at the Department of Homeland Security has resulted in the personal details of nearly a quarter of a million former and current employees being stolen, as well as an unspecified number of suspects and witnesses'.

The breach, which affected the DHS Office of Inspector General (OIG) Case Management System, saw the details of 247,167 current and former federal employees stolen.

This information includes personally identifiable details, like names, positions, grades, positions, social security numbers and dates of birth.

Perhaps of more concern, a second group of private individuals also had their data stolen. This group, according to the department, is “comprised of individuals (i.e., subjects, witnesses, and complainants) associated with DHS OIG investigations from 2002 through 2014 (the “Investigative Data”).

The information taken “varies for each individual depending on the documentation and evidence collected for a given case,” the department said, but it could include “names, social security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews with DHS OIG investigative agents.”

DHS discovered the breach on May 10, 2017 but only informed employees of it Wednesday, following an investigation which was “complex given its close connection to an ongoing criminal investigation.”

The department said it wouldn’t be able to inform private citizens that their data had been stolen due to “technical limitations” which prevent it from informing “non-DHS employees.”

It did stress that the innocuously entitled “privacy incident” did not stem from a cyber-attack by external actors, and that the evidence “indicates that affected individual’s personal information was not the primary target of the unauthorized unauthorized transfer of data.”

Dear readers and commenters,

We have implemented a new engine for our comment section. We hope the transition goes smoothly for all of you. Unfortunately, the comments made before the change have been lost due to a technical problem. We are working on restoring them, and hoping to see you fill up the comment section with new ones. You should still be able to log in to comment using your social-media profiles, but if you signed up under an RT profile before, you are invited to create a new profile with the new commenting system.

Sorry for the inconvenience, and looking forward to your future comments,

RT Team.