The US State Department confirmed that hackers breached one of its email systems, the attack potentially exposed personal information of some of its employees.
The incident seems to have affected less than 1% of employee inboxes, 600-700 employees out of 69,000 people.
“The Department recently detected activity of concern in its unclassified email system, affecting less than 1 per cent of employee inboxes. Like any large organization with a global presence, we know the Department is a constant target for cyber attacks,” states the US State Department.
“We have not detected activity of concern in the Department’s classified email system. We determined that certain employees’ personally identifiable information (PII) may have been exposed. We have already notified those employees.”
The security breach affected an unclassified email system at the State Department, the news of the hack came to light after Politico obtained a “Sensitive but Unclassified” notice about the incident.
“This is an ongoing investigation, and we are working with partner agencies, as well as the private sector service provider, to conduct a full assessment.” a State Department spokesperson told Politico.
“We will reach out to any additional impacted employees as needed.”
After the Agency noticed the “suspicious activity” in its email system notified the incident to a number of employees whose personal information may have been compromised.
US State Department didn’t reveal which kind of data had been accessed by attackers, at the time of writing we only know that no classified information had been exposed.
The Agency claimed it took steps to secure its system, and it is offering three years of credit and identity theft monitoring to the affected employees.
A group of senators wrote to Secretary of State Mike Pompeo last week raising concerns that the department did not meet federal standards for cybersecurity and questioning its resilience to cyber attacks.
“Sens. Ron Wyden (D-Ore.), Rand Paul (R-Ky.), Ed Markey (D-Mass.), Jeanne Shaheen (D-N.H.) and Cory Gardner (R-Colo.) asked Pompeo for an update on what the State Department has done to address its “high risk” designation, and how many cyberattacks the department had been subject to abroad in the last three years.” reported TheHill.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.