Data breach in a US government agency

A US government agency notified its 8,000 employees that an attack compromised their personal data. The Defense Information Systems Agency (DISA) provides secure communications to the White House. Its CIO, Roger Greenwell revealed that the attackers stole the Social Security numbers from a “system hosted by DISA”. Regardless it is a security agency.

“While there is no evidence to suggest that your PII (personally identifiable information) was misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised”, he mentioned in a statement.

But he offered very few details about the affected systems, who and how attacked them. The attack happened between May and July 2019. Still, it is not clear if it also affected a wider base of users of DISA’s service, or just its employees. Thus, according to some speculations, about 200,000 people could be involved.

But the agency announced it would help those affected by monitoring the data. Also, it put in place additional security “to prevent future incidents”. Also, the agency mentioned it adopted new protocols to improve protection of the personal data.

A serious attack with little damage

Despite the DISA’s statements, security specialists consider the incident as very serious, as it compromised a US government defence agency. Security specialists consider that the compromised information might not be critical to the function of the DoD. “Although very personal and private to the people compromised. So, it may have been an external database without the same level of controls as internal secret information,” Chris Morales, head of security analytics at Vectra, mentioned.

But he also believes that this is an unfortunate situation. Thus, he considers that “Organizations need to get better at how long it takes to be aware of a compromise and how quickly they can respond. Visibility into how systems are used is key.”