5 Notable Security Incidents that Recently Affected Federal Entities
Digital attackers have a history of targeting public sector organizations. For its 2018 Data Breach Investigations Report (DBIR), Verizon Enterprise tracked 22,788 security incidents that affected the public sector. Data disclosure occurred in 304 of those events; digital espionage via phishing or the use of a backdoor served as the most common pattern. Those techniques exposed personal information in 103 data breaches followed by secrets (60 incidents), medical details (34 incidents) and credentials (32 incidents).
It’s unclear how many of the security incidents discussed above involved federal entities in the United States. But publications from organizations like The Heritage Foundation help fill in the blanks. Using that information, here are five of the most notable security incidents that recently affected federal entities.
The Department of Labor
On 16 August 2017, an official at the Department of Labor told Bloomberg BNA that the Department had taken down an employee web portal for reporting illnesses and injuries after detecting a “potential compromise” of a company’s data. The Department of Homeland Security (DHS informed the Occupational Safety and Health Administration (OSHA) about the issues stemming from OSHA’s Injury Tracking Application on 14 August. A government document reveals that the National Information Technology Center (NITC) analyzed OSHA’s utility and confirmed that there had been no breach of data. Officials responded by restoring the portal on 25 August.
Securities and Exchange Commission
That same month, the U.S. Securities and Exchange Commission announced that digital attackers exploited a software vulnerability affecting its Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system. This compromise, which occurred a year prior, enabled those responsible to access non-public information on businesses including quarterly earnings and merger statements but not sensitive personal data. Those actors then used that stolen information to invest in the stock market.
Deloitte
The Guardian revealed on (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/government/5-notable-security-incidents-that-recently-affected-federal-entities/