Threatwatch

Foreigners Probably Behind Break-in at DHS Background Check Contractor

Cyber espionage; Network intrusion; Stolen credentials

Homeland Security Department employees likely had their personal information stolen when attackers poached a computer system at USIS, a private firm that conducts personnel investigations on behalf of many agencies.

The breach was discovered recently. It is unclear how many government employees are affected.

USIS officials said in a statement that the intrusion “has all the markings of a state-sponsored attack.”

The Office of Personnel Management suspended work with the company “out of an abundance of caution,” a senior administration official said. DHS also has suspended business with USIS.

The breach is separate from a recent hack that directly struck an OPM database containing information on individuals applying for security clearances.

A second senior official said, “We have an inclination that, based on what the company has been telling us, there has been a spill. The degree to which that information has been exfiltrated for other purposes is what we’re trying to discern now.”

DHS encrypted the data sent to USIS, but it’s unclear whether the data remained encrypted on USIS systems. The department has notified the entire DHS workforce of the breach.

USIS has drawn fire for allegedly cutting corners on background checks in order to hit revenue targets. The company conducted the background checks on Navy Yard shooter Aaron Alexis and on ex-National Security Agency contractor Edward Snowden. 

sector

Government Contractor

reported

August 6, 2014

reported by

The Washington Post

number affected

Unknown

location of breach

Unknown

perpetrators

Nation State

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown