[ISN] Information-sharing platform hacked

From: InfoSec News <alerts_at_private>
Date: Thu, 14 May 2009 00:17:38 -0500 (CDT)
http://fcw.com/articles/2009/05/13/web-dhs-hsin-intrusion-hack.aspx

By Ben Bain
FCW.com
May 13, 2009

Homeland Security Information Network suffers intrusions

The Homeland Security Department’s platform for sharing sensitive but 
unclassified data with state and local authorities was hacked recently, 
a DHS official has confirmed.

The intrusion into the Homeland Security Information Network (HSIN) was 
confirmed to Federal Computer Week by Harry McDavid, the chief 
information officer for DHS’ Office of Operations Coordination and 
Planning. McDavid said the U.S. Computer Emergency Readiness Team 
reported an intrusion into the system in late March. The initial hack 
was brief and limited, and it was followed by a more extensive hack in 
early April, McDavid said.

The hacker or hackers gained access to the data by getting into the HSIN 
account of a federal employee or contractor, McDavid said. The bulk of 
the data obtained was federal, but some state information was also 
accessed, he added, and the organizations that owned the data and 
Congress were notified of the intrusion.

The files that were accessed contained administrative data such as 
telephone numbers and e-mail addresses of state and federal employees. 
However, an investigation into the incidents has found that no Social 
Security numbers, driver's license numbers or financial data were 
obtained, McDavid said.

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Wed May 13 2009 - 22:17:38 PDT

This archive was generated by hypermail 2.2.0 : Wed May 13 2009 - 22:36:20 PDT