Former Department of Homeland Security Employee Steals Data of DHS Staff & People Under Investigations
The Department of Homeland Security (DHS) has announced it suffered a data breach last year affecting nearly 247,000 of the department’s employees, along with individuals connected with DHS investigations. “On May 10, 2017, as part of an ongoing criminal investigation being conducted by DHS OIG and the U.S. Attorney’s Office, DHS OIG discovered an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee,” the DHS said in a press release.
The leak exposes personally identifiable information (PII) of the agency’s current and former employees, including their names, Social Security numbers, birth dates, positions, duty stations, among other data. The department said that the leak impacts its staff employed by the DHS in 2014. The leak also exposes people associated with the DHS OIG investigations from 2002 through 2014, including subjects, witnesses, and complainants – the DHS categorizes this as Investigative Data.
The exposed data varies among these non-DHS individuals depending on the stored documentation and collected evidence. But potentially includes names, social security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews to the investigative agents.
DHS clarifies it wasn’t target of a cyberattack
“The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual’s personal information was not the primary target of the unauthorized exfiltration,” DHS added in its statement. Similar to most of the government department leaks, this data breach also occurred thanks to a former employee.
A copy of the DHS Office of the Inspector General (OIG) Case Management System (CMS) – an application used by DHS to store data on current and past investigations – was made by a former employee in 2014. This unauthorized copy contained data on DHS-connected people from 2002 through 2014.
The agency said it is currently notifying select DHS employees to inform them about potential impacts after “a thorough privacy investigation, extensive forensic analysis of the compromised data, an in-depth assessment of the risk to affected individuals, and comprehensive technical evaluations of the data elements exposed.”
The Department is also offering 18 months of free credit monitoring and identity protection services to all the affected individuals. However, the agency said it is unable to directly notice individuals who were affected by the Investigative Data. If you were associated with the agency in any way during 2002 and 2014, you can read the FAQs here or contact AllClear ID at (855) 260-2767 for information on credit monitoring and identity protections services.