A hacker on Monday published information that exposes the names, titles, phone numbers and email addresses for thousands of FBI employees, after leaking similar data about 9,000 Department of Homeland Security employees Sunday.
A Twitter account used by the hacker linked to the DHS and FBI personnel data along with messages suggesting support for a free Palestine and promising to leak data about thousands more workers unless the U.S. ends diplomatic relations with Israel.
The hacker or hackers gained access to the federal staff data through the email account of a Justice Department worker, which was also used to contact tech blog Motherboard to explain the hack. Motherboard reports it confirmed the leak was genuine by calling some of phone numbers posted online. The Twitter account @DotGovs also posted a screenshot of the Justice Department website said to have provided the federal staff database.
In addition to the information from some 20,000 FBI employees, the hacker also told the tech blog that they have downloaded 200GB of data, including credit card numbers and military emails from the database, but they claimed the compromised email gave them access to 1TB of information. Motherboard said it was not able to verify that claim.
A recent survey of federal information technology workers conducted by the Ponemon Institute showed how a “negligent insider” who opens their account to a hacker can expose entire databases. That survey highlights that U.S. government inefficiency and poor security measures are a greater threat than hackers working for criminal gangs or nation states like China.
Hackers stole information about an estimated 21.5 million federal employees or job applicants from the databases of the Office of Personnel Management last summer. Purported pro-Palestine hackers in recent months have also targeted the online accounts of officials including CIA Director James Brennan and John Holdren, the senior adviser on science and technology at the White House, though it is unclear if those incidents are related to this latest breach.
Sen. Ron Johnson, R- Wisc., chairman of the Senate Homeland Security and Governmental Affairs Committee, pressured the White House to increase cybersecurity precautions during a hearing last week.
“Clearly existing protections are not sufficient and major changes are necessary, not just at the OPM but across the federal government,” he said.