OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[ISN] Information-sharing platform hacked

From: InfoSec News (alertsinfosecnews.org)
Date: Thu May 14 2009 - 00:17:38 CDT


http://fcw.com/articles/2009/05/13/web-dhs-hsin-intrusion-hack.aspx

By Ben Bain
FCW.com
May 13, 2009

Homeland Security Information Network suffers intrusions

The Homeland Security Department’s platform for sharing sensitive but
unclassified data with state and local authorities was hacked recently,
a DHS official has confirmed.

The intrusion into the Homeland Security Information Network (HSIN) was
confirmed to Federal Computer Week by Harry McDavid, the chief
information officer for DHS’ Office of Operations Coordination and
Planning. McDavid said the U.S. Computer Emergency Readiness Team
reported an intrusion into the system in late March. The initial hack
was brief and limited, and it was followed by a more extensive hack in
early April, McDavid said.

The hacker or hackers gained access to the data by getting into the HSIN
account of a federal employee or contractor, McDavid said. The bulk of
the data obtained was federal, but some state information was also
accessed, he added, and the organizations that owned the data and
Congress were notified of the intrusion.

The files that were accessed contained administrative data such as
telephone numbers and e-mail addresses of state and federal employees.
However, an investigation into the incidents has found that no Social
Security numbers, driver's license numbers or financial data were
obtained, McDavid said.

[...]

--
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information