Hackers breached DHS information-sharing network


A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter.

DHS investigators are probing the intrusion of the Homeland Security Information Network, said both people, who spoke on the condition of anonymity because the incident is sensitive. The hackers’ affiliation and whether any documentation was pilfered from the system are both unclear.

Read more…
Source:  Nextgov


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • FCC wants to improve cyber protections for schools, libraries

    November 21, 2023

    Ransomware attacks and cybersecurity threats against schools are multiplying and have led to some dramatic consequences. Last year, the Los Angeles Unified School District was hit by a ransomware attack that resulted in hackers posting 500 gigabytes of stolen data online, after the district’s superintendent refused to pay the ransom. The attack compromised about 2,000 student ...

  • U.S. DOD strategy warns emerging tech is ‘at the forefront’ of information threats

    November 21, 2023

    The Pentagon publicly released its strategy for operating in the information environment – which covers both physical and digital sources of information – on Friday, outlining how the agency plans to modernize its collecting, processing and sharing of data to better counteract adversaries’ weaponization of the internet and emerging technologies. DOD “must embrace a cultural shift ...

  • #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

    November 21, 2023

    The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) are releasing this joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with LockBit 3.0 ransomware exploiting CVE-2023-4966, labeled Citrix Bleed, affecting Citrix ...

  • Binance CEO pleads guilty to money laundering charges

    November 21, 2023

    The Binance chief executive, Changpeng Zhao, has resigned after pleading guilty to money laundering violations. The Justice Department said it was requiring Binance, the largest crypto-exchange in the world, to pay $4.3bn (£3.4bn) in penalties and forfeitures. It said Binance had helped users bypass sanctions across the world. Read more… Source: BBC News  

  • Hackers accessed sensitive health data of Welltok patients

    November 20, 2023

    Hackers accessed the personal data of more than a million people by exploiting a security vulnerability in a file transfer tool used by Welltok, the healthcare platform owned by Virgin Pulse. Welltok, a Denver-based patient engagement company that works with healthcare plans to provide communications to subscribers about their healthcare, confirmed in a data breach notification ...

  • K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs

    November 19, 2023

    Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free cybersecurity services, ...