Hackers Leak DHS Staff Directory, Claim FBI Is Next

itwbennett writes: On Sunday, the name, title, email address, and phone number of more than 9,000 DHS employees, with titles ranging from engineers, to security specialists, program analysts, InfoSec and IT, all the way up to director level was posted on Twitter. 'The account went on to claim that an additional data dump focused on 20,000 FBI employees was next,' writes CSO's Steve Ragan. The hacker told Motherboard that the data was obtained by "compromising the email account of a DoJ employee, although he would not elaborate on how that account was accessed in the first place."

Sad state of affairs

[daq+man]

I don't know which is worse, that outfits like the DHS and FBI have such lousy cyber security that this can happen or that someone thinks that publishing this stuff is helping their cause.

Re:Sad state of affairs

[U2xhc2hkb3QgU3Vja3M]

I think they're doing this to shame the DHS and FBI and at the same time show the world that this kind of thing is possible even without government-approved backdoors.

Re:Sad state of affairs

[ATMAvatar]

That largely depends on their cause. If the cause is to show how insecure the DHS is or to damage its reputation, then mission accomplished.

But trust us with the keys to your back doors

[The-Ixian]

We will keep them super ultra extra mega secure... promise.

"if you don't want to be tracked..."

For years since the Snowden disclosures we have repeatedly heard from the government If you don't want to be tracked, turn off your phone".. And you have no expectation of privacy when using tools designed to protect your privacy.

So let's see here. "If you want privacy, don't work for civil-rights violating organizations". "You have no expectation of privacy if you work for the NSA, DHS, or are a congressman/woman who has voted to strip away our civil rights".

I won't shed half a tear if the shoe shifts to the other foot once in a while.

Hackers leak DHS directory, claim FBI is next

[U2xhc2hkb3QgU3Vja3M]

Great, I've been waiting forever for Mulder's email address. I want to ask him if he knows where his towel is.

Re:Muslim hackers or just thoughtless idiots

[MitchDev]

If American citizens can;t have privacy, then neither can the government.

This is so sad

[ITRambo]

Homeland Security seems to be anything but secure itself. Don't they have a huge budget for things like...security?

Easy Hack

[byteherder]

It is not like these lists are ultra top secret. When I worked for a government agency that shall remain nameless, I had access to everyone's email address, name, phone number and work location address. We treated that information with respect for privacy just as we did more sensitive information like SS #, home address, date of birth. Email addresses certainly was not top secret.

Re:Easy Hack

[TubeSteak]

If you gather together enough unclassified information, you can frequently distill from it facts that are considered classified.

Like tracking the tail numbers of international flights to uncover the CIA's rendition program.

Not to mention that a staff directory is exactly what you want for spearfishing campaigns.

Re:Hillary's server?

[NotQuiteReal]

Heh, maybe Hillary will point out that HER server wasn't breached, but other government servers have been.

Re:Hillary's server?

[edtice1559]

She paid a private organization to secure her server. And everybody knows that private industry is better at everything than government. I think this just goes to show that the government should privatize email! Why are they criticizing Hillary for adopting one of their sacred policies?

Exchange?

[McGruber]

name, title, email address, and phone number of more than 9,000 DHS employees,

All of which are available to any DHS employee with email access, since that data is in the Outlook directory.