DoJ, DHS hacked; employee data exposed by “Free Palestine” hacktivists

posted at 2:01 pm on February 8, 2016 by Ed Morrissey

The FBI’s jurisdiction and its digital presence have intersected in an embarrassing and highly damaging manner. Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies. Hundreds of gigabytes worth of data have been stolen, the hackers claim, and they are using the hack as a protest for the #FreePalestine movement.

Motherboard first reported on the hack, and corroborated at least some of the claims:

A hacker, who wishes to remain anonymous, plans to dump the apparent names, job titles, email addresses and phone numbers of over 20,000 supposed Federal Bureau of Investigation (FBI) employees, as well as over 9,000 alleged Department of Homeland Security (DHS) employees, Motherboard has learned.

The hacker also claims to have downloaded hundreds of gigabytes of data from a Department of Justice (DOJ) computer, although that data has not been published.

On Sunday, Motherboard obtained the supposedly soon-to-be-leaked data and called a large selection of random numbers in both the DHS and FBI databases. Many of the calls went through to their respective voicemail boxes, and the names for their supposed owners matched with those in the database. At one point, Motherboard reached the operations center of the FBI, according to the person on the other end.

One alleged FBI intelligence analyst did pick up the phone, and identified herself as the same name as listed in the database. A DHS employee did the same, but did not feel comfortable confirming his job title, he said.

IBT noted the declared motivation of the hacktivists:

The hacker, who attached a note to the leaked cache that said “this is for Palestine, Ramallah, West Bank, Gaza, this is for the child that is searching for an answer”, claimed to have attained the information via a Department of Justice (DoJ) computer. It is suspected that hundreds of gigabytes of data was stolen in the hack. …

Meanwhile, a twitter account under the handle @DotGovs appears to be host to the hackers responsible for the breach. On the profile, which has stated publicly that it has multiple admins, the hackers threatened to expose a separate set of up to 20,000 credentials from the FBI – however this data has not yet been published.

The hackers specifically threatened to release the names of FBI agents serving abroad, a move that appears intended to put their lives in danger. However, DoJ spokesperson Peter Carr denies that any of the information stolen would identify specific agents and locations. In fact, the DoJ isn’t quite sure a crime has taken place, or at least they aren’t quite admitting it yet:

Peter Carr, a spokesman for the Department of Justice, said it did not think the hackers had managed to release “sensitive, personally-identifiable information”, and that if it discovered criminal activity it would press charges.

If?

“The department is looking into the unauthorised access of a system operated by one of its components containing employee contact information,” he told The Telegraph.

“This unauthorised access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information.

“The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation.”

What kind of unauthorized penetration of these systems would not be criminal? That language might be even more curious, under the circumstances. The hack may be months old, according to Newsweek, via The Inquisitr:

An FBI source told Newsweek that some FBI employees were notified in May that their files had been accessed by hackers during the massive year-long breach of OPM’s database.

More than 36,000 people currently work for the FBI, and while it remains unclear how many of them were affected by the alleged hack, the cyber security breach by the unnamed hacker can have “mind-boggling” effects, according to the sources, because there can be several classified data [sic].

Perhaps this is a separate attack from the one in May, but if so, that makes it even worse. Besides, these agencies supposedly began hardening their data security after the OPM hack got exposed in June of last year. If this penetration took place before federal officials took notice of the China-based penetration of the federal employee and security clearance databases, then it raises questions about who else might have been able to grab that highly sensitive information. If it took place afterward — and there seems to be little reason for hacktivists to keep quiet about this information for as long as eight months or more — then it raises even more questions about the response to the massive security breach last year.

The FBI will need to get to the bottom of this hack quickly. And Congress should start demanding answers on cybersecurity from an administration that has lectured the private sector on this issue endlessly but seems incapable of taking their own advice.


Related Posts:

Breaking on Hot Air

Blowback

Trackbacks/Pings

Trackback URL

Comments

A hacker, who wishes to remain anonymous, plans to dump the apparent names, job titles, email addresses and phone numbers of over 20,000 supposed Federal Bureau of Investigation (FBI) employees, as well as over 9,000 alleged Department of Homeland Security (DHS) employees, Motherboard has learned.

The hacker also claims to have downloaded hundreds of gigabytes of data from a Department of Justice (DOJ) computer, although that data has not been published.


This?!?
You can do this but none of you can take the time to get teh contents of the Shrillary’s recovered email server???

PolAgnostic on February 8, 2016 at 2:05 PM

Another day, another blunder.

Under Obama, government incompetence is the new competence.

s1im on February 8, 2016 at 2:08 PM

Move the West Bankers to Syria, I heard there is more room over there.

Oil Can on February 8, 2016 at 2:09 PM

I’ll take things only government can do for $300 please.

antipc on February 8, 2016 at 2:10 PM

The Obama administration really sucks, as does most of the government.

These same people are going to make life and death health care decisions for you under government run/mandated health insurance.

jaime on February 8, 2016 at 2:16 PM

Government = things we do together.

Raise your hand if you’ve ever disseminated the personal information of your friends and neighbors across a broad public spectrum.

I want these idiots holding all my medical and financial records.

Bishop on February 8, 2016 at 2:16 PM

Smart Power!….Leading from behind!….YES WE CAN!

Mimzey on February 8, 2016 at 2:17 PM

DoJ, DHS hacked

…oh quitYERbitchin’….You want this administration to live up to its transparency claims!…they finally are!

JugEarsButtHurt on February 8, 2016 at 2:17 PM

Makes it more apparent that Hillary’s closet server was most certainly hacked, too!

Deano1952 on February 8, 2016 at 2:21 PM

Top. Men.

WaldoTJ on February 8, 2016 at 2:21 PM

This?!? You can do this but none of you can take the time to get teh contents of the Shrillary’s recovered email server???

PolAgnostic on February 8, 2016 at 2:05 PM

Gowdy’s team may have saved a lot of time had they asked the hackers for content instead of State.

butch on February 8, 2016 at 2:21 PM

THIS is why Hillary was smart to have her own personal email server!

/Tlaloc

ShainS on February 8, 2016 at 2:27 PM

…we’ve found the JV Team…and it is us…

Pelosi Schmelosi on February 8, 2016 at 2:29 PM

Fundamental Change You Can Believe In!

RockyMtnGirl on February 8, 2016 at 2:31 PM

Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies.

…ok…so is Lynch gonna prosecute That Skank or not..??

Pelosi Schmelosi on February 8, 2016 at 2:32 PM

THIS is why Hillary was smart to have her own personal email server!

/Tlaloc

ShainS on February 8, 2016 at 2:27 PM

HAHAHA…..HAHAHA…….hahah…… oh wait a minute…..what’s with the sarc tag?

antipc on February 8, 2016 at 2:32 PM

A couple months ago I received a letter from the US government saying my personal info on their server may have been hacked. To protect me they gave me a link to a site that would provide me identity protection insurance at no cost. I go to the .gov site and start the process to see the site was not secure and they required I enter my SS number to get started. Rather than submit any more to them I figured I was better off risking myself with the first hack rather than open myself up to entering my personal data on a second government server.

tej on February 8, 2016 at 2:32 PM

See, why I had my OWN server
Sheesh!
-hillary

cmsinaz on February 8, 2016 at 2:35 PM

Makes it more apparent that Hillary’s closet server was most certainly hacked, too!

Deano1952 on February 8, 2016 at 2:21 PM

The only reason we found out about Killary’s server is because the Russians hacked it.

We should ask them for the content.

Buttercup on February 8, 2016 at 2:35 PM

…think about it…

…this inept govt could create “no fly” and “gun owner” lists, have them hacked, changed and returned to their original location, and these morons would never even know it…scary…

Pelosi Schmelosi on February 8, 2016 at 2:37 PM

Didn’t see your post shain
Great minds :)

cmsinaz on February 8, 2016 at 2:37 PM

I’ll take things only government can do for $300 please.

antipc on February 8, 2016 at 2:10 PM

I take it you are alluding to the jeopardy language. However, taking your statement at fact value, our (the US) government can’t do anything for $300. Hell, their hammers cost $800 and toilet seats $2500. Put a quote after “take” and after “$300.”

Old Country Boy on February 8, 2016 at 2:39 PM

These DOJ and DHS hacks are probably the results of things learned from Hillary’s insecure server.

oscarwilde on February 8, 2016 at 2:41 PM

This is what happens when the dhimocrapts give us an affirmative action president and an affirmative action cabinet.

Old Country Boy on February 8, 2016 at 2:41 PM

Hillary is that you?

deptofredundancydept on February 8, 2016 at 2:47 PM

I’ll bet they didn’t get Lynch’s info, because hers is on a private home server set up by Hillary’s IT staff!

Marcola on February 8, 2016 at 2:48 PM

Makes it more apparent that Hillary’s closet server was most certainly hacked, too!

Deano1952 on February 8, 2016 at 2:21 PM

Mrs Clinton’s server appears to me to have been set-up with the express intention of it being ‘hacked’.

Regardless of her intentions, if that server wasn’t hacked then the circle of unbelievably improbable incompetence would include the Internet spies of at least the following countries:

Russia, China, Iran, India, Pakistan, the UK, France, Germany, Spain, Italy — well, most of the EU actually — Australia, New Zealand, Canada, Syria, South Africa, Argentina, Chile, Indonesia, Israel, the Philippines, Thailand, Singapore, UAE, Saudi Arabia, Taiwan, Japan, North Korea, South Korea, Egypt, Morocco, Algeria, Tunisia, …

Probably they didn’t all hack it, but it would be astonishing if none of them did.

YiZhangZhe on February 8, 2016 at 2:48 PM

Darn it. Why wasn’t the secret service guarding those servers with guns drawn like they did for Hillary?!

PackerBronco on February 8, 2016 at 2:49 PM

And Congress should start demanding answers on cybersecurity from an administration that has lectured the private sector on this issue endlessly but seems incapable of taking their own advice.

Oh, Ed. It’s almost inspiring that you still have some faith in accountability in our national gov’t.

tej on February 8, 2016 at 2:32 PM

I am SO glad that our SS numbers never became de facto identification numbers, like the law said they wouldn’t/shouldn’t. Because that would make this really troublesome.
/s

GWB on February 8, 2016 at 2:50 PM

The only reason we found out about Killary’s server is because the Russians hacked it.

We should ask them for the content.

Buttercup on February 8, 2016 at 2:35 PM

Wouldn’t it be ironic if after the primary or sometime during the General all the Hillary e-mails uncut are posted online. Isn’t Snowden still in Russia and couldn’t he leak this without anyone knowing where it came from? More interesting is wouldn’t he be open for a presidential pardon if he promised to delete all Obama data before the release? Snowden and Putin need to get together soon and work out a deal.

tej on February 8, 2016 at 2:51 PM

No need to wonder why there are so many people out there saying “you can’t trust the government”.

The real question is why there are any people out there saying “you CAN trust the government”.

The answer of course is that those people of the second group are mostly government spokespersons. The remaining ones are severely disturbed mental patients.

s1im on February 8, 2016 at 2:57 PM

tej on February 8, 2016 at 2:32 PM

I am SO glad that our SS numbers never became de facto identification numbers, like the law said they wouldn’t/shouldn’t. Because that would make this really troublesome.
/s

GWB on February 8, 2016 at 2:50 PM

In a previous state I lived in back in the 70’s they used our SS number as our DL number, printed prominently on the face of each license w/ you picture and other info. These days I hate to even give the last 4 digits when asked.

Often when you used to enter DOD property short-term you were required to show your original SS card which, in my case is in historical condition.

tej on February 8, 2016 at 3:00 PM

But HilLiary’s bathroom private/personal server was totally secure.
Hey, she said it was guarded by her Secret Service detail, right?
So its contents are secure, but not as secure as her speech transcripts. You can be damn sure of that.

Missilengr on February 8, 2016 at 3:03 PM

Who knew the theater of government would be a farce.

gbear on February 8, 2016 at 3:05 PM

I am SO glad that our SS numbers never became de facto identification numbers, like the law said they wouldn’t/shouldn’t.

GWB on February 8, 2016 at 2:50 PM

Subject # 123-45-6789, please report to the nearest reeducation facility prior to sunset.

– Govnet.

antipc on February 8, 2016 at 3:06 PM

This Affirmative Action hire King Putt and his administration has set a historically low bar in every aspect of governance. Every aspect of the Federal government is now malevolent, plodding, stupid, corrupt, badly managed and dangerous. And the half of America with their lips welded to the government teat are just fine with it.

HatfieldMcCoy on February 8, 2016 at 3:09 PM

I don’t care if my SS# is known. I’ve already sold it to 4,000 illegals./

vnvet on February 8, 2016 at 3:17 PM

In a previous state I lived in back in the 70’s they used our SS number as our DL number, printed prominently on the face of each license w/ you picture and other info.

tej on February 8, 2016 at 3:00 PM

Virginia was still doing that ~2001 when I moved here. I refused – and was accommodated, because they had an opt-out law. They had already been sued over it and had fixed it in that way. When they went to the super-secure DLs, they finally removed the SSN altogether.

I was never happy with the military using my SSN as my default Service Number. From the moment I saw my first issued ID card, I complained. I think they have finally done away with that.

GWB on February 8, 2016 at 3:20 PM

Besides, these agencies supposedly began hardening their data security after the OPM hack got exposed in June of last year.

Yeah, based on the track record of this administration, ‘supposedly’ would be the operative word.

AUINSC on February 8, 2016 at 3:21 PM

Is there a list of government entities and databases that haven’t been compromised under Obama?

Lolo on February 8, 2016 at 3:24 PM

Top. Men.

WaldoTJ on February 8, 2016 at 2:21 PM

Raiders quote for the win.

Indefatigable on February 8, 2016 at 3:45 PM

Who knew the theater of government would be a farce.

gbear on February 8, 2016 at 3:05 PM

(raises hand)

runawayyyy on February 8, 2016 at 3:48 PM

They just released it on their Twitter acct, looks pretty darn real to me. This is gonna make some headlines.

redhead on February 8, 2016 at 4:13 PM

Darn it. Why wasn’t the secret service guarding those servers with guns drawn like they did for Hillary?!

PackerBronco on February 8, 2016 at 2:49 PM

Don’t get cocky.

AesopFan on February 8, 2016 at 4:18 PM

No need to wonder why there are so many people out there saying “you can’t trust the government”.

The real question is why there are any people out there saying “you CAN trust the government”.

The answer of course is that those people of the second group are mostly government spokespersons. The remaining ones are severely disturbed mental patients.

s1im on February 8, 2016 at 2:57 PM

And Jazz was wondering if ubiquitous traffic cams were an unnecessary invasion of privacy.
They are if someone hacks the data base and starts tracking people they don’t like; or if it is passed around voluntarily in the DNC lunchroom.

AesopFan on February 8, 2016 at 4:19 PM

Is there a list of government entities and databases that haven’t been compromised under Obama?

Lolo on February 8, 2016 at 3:24 PM

It was hacked.

AesopFan on February 8, 2016 at 4:20 PM

Government Zero.

Run to ruin by the Two Party Evil Money Cult of Washington D.C..

APACHEWHOKNOWS on February 8, 2016 at 4:31 PM

Why hack is the real question the Democrats will hand it over via Obama, the Clinton’s an assortment of other ghouls such a life long liar/man of treason Lt. for life John F. Kerry.

Facts count up.

APACHEWHOKNOWS on February 8, 2016 at 4:34 PM

And Jeb says he wouldn’t blame Obama for anything. Give me a break!

You know, all those Dems who work for govt would also become targets. Nothing like turning on your own.

Disgusting

MN J on February 8, 2016 at 6:18 PM

Hackers penetrated networks at the Department of Justice and the Department of Homeland Security, gaining access to employee records at the FBI and other agencies.

Now that is funny.

earlgrey on February 8, 2016 at 7:27 PM

This administration talks a good game……and little else.

GarandFan on February 8, 2016 at 9:12 PM

[quote]names, job titles, email addresses and phone numbers[/quote]

Generally, that information, along with pay grade are all public information and at worst FOIA-able.

Not an impressive hack, if you ask me.

wvmikep on February 9, 2016 at 8:00 AM