Incident Of The Week: U.S. State Department Experiences Data Breach

Employee PII Exposed In Recent Cyber-Attack



Dan Gunderman
09/21/2018


In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. Cyber Security Hub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a reported data breach at the U.S. State Department. The event may have exposed personally identifiable information (PII) of a portion of its employees.

Politico first reported the breach, noting that the State Department’s workforce had been the target. The outlet noted that the incident is “not thought to impact more than one percent of the staff roster.”

An alert on the matter, dated Sept. 7, stated that PII may have been exposed. The department subsequently notified affected employees. A notice was marked “Sensitive but Unclassified.” As of this reporting, technical details of the hack have not been made public.


ZDNet reporting indicates that the email system in question is considered unclassified and there is no evidence to suggest classified email networks were also breached.

The alert also reads: “Like any large organization with a global presence, we are a constant target for cyberattacks. This is a good opportunity to remind everyone that we all play an important role in protecting Department information, especially when it comes to the use of secure and safe passwords, and reporting suspicious activity.”

Further ZDNet details suggest that the department has also come under fire for what some consider lax security controls. Five U.S. senators recently penned a letter to Secretary of State Mike Pompeo questioning the security measures in place, and pushing for protections such as multi-factor authentication (MFA). A recent General Services Administration (GSA) report suggested that only 11% of high-value devices used by the department utilized MFA, ZDNet notes.


The department alert continues: “This is an ongoing investigation and we are working with partner agencies to conduct a full assessment. We will reach out to any additional employees as needed.”

Toward the end, it reads: “All security-related anomalies must be reported to the DS Cyber Incident Response Team (DS/CIRT)… In addition, we remind all employees to limit and be cautious about the amount of PII and other sensitive information transmitted over email, and ensure that emails containing PII are marked as ‘Official – Privacy/PII.’”

Affected employees have been given three years of free credit monitoring.

It’s not the first time cyber security protocols have made headlines at the federal level. In 2015, a breach at the Office of Personnel Management (OPM) exposed approximately 22 million employee records across two attacks, ZDNet notes.

On the recent incident, a State Department official told the Washington Examiner that the department is also working with the private sector service provider on its assessment. The official said the department remains vigilant against ongoing cyber-threats and in protecting its networks.
