Hackers breached DHS after alarms were twice ruled ‘false positives’


Hackers managed to find their way into the US Department of Homeland Security’s primary information sharing platform, gaining unfettered access to the HSIN network that hosts unclassified information that multiple US agencies and international rely on.

The hack allowed the attackers to modify server files, run malicious code and steal credential files while installing backdoors and deleting logs to remove their digital footprint.

Their movements were flagged twice by automated systems and analysts in May 2026, before being dismissed as a false positive each time before an active breach was declared a month later.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • NYC Health + Hospitals says hackers stole medical data affecting at least 1.8m people

    May 18, 2026

    New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or ...

  • Scammers are targeting World Cup fans

    May 16, 2026

    We’re less than a month away from the biggest sporting event of the year, the FIFA World Cup, and scammers are already busy stealing money, passwords, and other sensitive data from fans and visitors, experts have warned. Kaspersky has published a breakdown of the different scam techniques cybercriminals are using to target football fans as they ...

  • Hackers have breached tank readers at US gas stations

    May 15, 2026

    US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases ...

  • ShinyHunters: Cyber Criminal Group Attacks Learning Management System

    May 15, 2026

    The Federal Bureau of Investigation (FBI) is providing this Public Service Announcement (PSA) to warn of potential future impacts related to a cyber-attack that affected an online Learning Management System (LMS), resulting in an interruption of service to educational institutions and students across the country. The LMS platform is now fully operational. ShinyHunters (SH) — which ...

  • German Citizen Charged with Laundering Funds Linked to Prominent Darknet Marketplace “Dream Market”

    May 13, 2026

    Owe Martin Andresen, the suspected main administrator of Dream Market, one of the largest illicit darknet marketplaces before its 2019 shutdown, has been indicted for an alleged scheme to launder funds from Dream Market’s administrator accounts. Andresen was arrested last week in Germany on parallel charges brought by the German government. “Andresen allegedly channeled commissions earned ...

  • Disgraced US gov software contractor found guilty of database destruction

    May 8, 2026

    A Virginia man, Sohaib Akhter, faces decades in prison after a jury convicted him of being involved in a scheme to delete approximately 96 databases containing US government data. The events of the case transpired around two weeks before the twin brothers allegedly involved were fired from their jobs at a software supplier to the US ...