Security pros raise questions after breach of US federal court system, District of Columbia
Breach Type –
Unknown, Data Breach
SC Magazine
July 29th, 2022
- “Serious eyebrows were raised this week when House Judiciary Chairman Jerry Nadler, D-N.Y., said at an oversight committee hearing that three unspecified foreign actors breached the federal judiciary’s document management system."
- “During yesterday’s hearing, Matthew Olsen, assistant attorney general of the Justice Department’s National Security Division, would not confirm which three nation-states were involved..."
- “Karen Crowley, director of solutions marketing at Deep Instinct, said the attack on the U.S. federal court system has dispelled any doubts about the significance of a cyberattack against even the largest organizations."
Read More
Pro-Russian cybercriminals briefly DDoS Congress.gov, District of Columbia
Breach Type –
Hacking, DoS
CYBER SCOOP
July 8th, 2022
- “A pro-Russian cybercrime group attacked the Congress.gov web domain Thursday, resulting in temporary down time that “briefly affected public access,” the Library of Congress told CyberScoop Friday.”
- “KillNet — a pro-Russian group that has launched a series of distributed denial-of-service attacks on targets around the world perceived as hostile to the Russian government — posted a video that included a 503 error page alongside an image of President Joe Biden.”
- “A spokesperson for the Library of Congress, which administers the domain, told CyberScoop in an email that the site suffered a DDoS “network attack that briefly affected public access,” adding that the site was “intermittently affected” starting at about 9 p.m. Thursday and returned to normal operation just after 11 p.m.”
- “The Library of Congress used existing measures to address the attack quickly, resulting in minimal down time,” the spokesperson said. “The Library’s network was not compromised and no data was lost as a result of the attack.”
Read More
Vendor Outage Impacts District of Columbia Paid Family Leave System and Virtual One-Stop
Breach Type –
Unknown, Malware
DOES DC
July 6th, 2022
- “…the vendor that operates the District’s Paid Family Leave (PFL) Benefits Administration System and the Virtual One-Stop (VOS), is experiencing a service interruption impacting PFL system operations and does.dcnetworks.org.”
- “The service interruption has resulted in PFL claimants being unable to file new claims, modify existing claims and has delayed scheduled benefit payments this week. The system outage is also preventing customers from conducting job searches or completing career assessments in the VOS system.”
- “According to GSI, there was no data breach, and the personal information of users has not been compromised. More than 35 states have been affected.”
Read More
D.C. Unemployment Recipients are Being Targeted by Official-Looking Scam Emails, District of Columbia
Breach Type –
Phishing, Data Breach
dcist.com
August 31st, 2021
-
“Numerous recipients of unemployment benefits in D.C. have received suspicious emails from D.C. government accounts over the last two weeks, indicating a possible intrusion into city computers by scammers attempting to coax confidential information from people with information in official databases.”
-
“Each of the emails was sent from DC.gov accounts belonging to actual city workers, some of whom work for the Department of Employment Services — which handles unemployment benefits — and others who do not.”
-
“…another email was sent from the account of Shanta Suggs, who works at DOES as a compliance investigator. It asked the recipient to text a New York number for further information on how to collect an additional benefits payment. DCist/WAMU sent a text to the number, and received a response requesting copies of “supporting documentation such as front and back of your driver license along with your [Social Security number] or SSN card to process your claim.”
-
“The D.C. Office of the Chief Technology Officer investigated reports of compromised D.C. Government email accounts that were used to collect information from members of the public. The team locked the accounts and prevented further action from being taken,” said Parker. “D.C. Government is in the process of contacting members of the public who responded to these compromised accounts so that they can take action to protect themselves.”
-
“Parker added that the city has not been immune to the “continued nationwide trend of cyber criminals taking advantage of UI claimants,” and asked that anyone who receives a suspicious email report it. For her part, Silverman urges people never to share personal identifying information over email or text message.”
Read More
U.S. State Department reportedly hit by serious cyber-attack, District of Columbia
Breach Type –
Hacking, Other
TechRadar
August 23rd, 2021
-
“The US Department of Defense’s (DoD) Cyber Command has notified Congress that the State Department was hit by a cyber-attack…”
-
“The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time,” a State Department spokesperson told Heinrich.”
-
“..the attack, which supposedly happened a couple of weeks ago, hasn’t had any detrimental impact on the State Department’s ongoing evacuation mission in Afghanistan.”
Read More
U.S. Department of Commerce, District of Columbia
Breach Type –
Hacking, Data Breach
Reuters
December 13th, 2020
-
Russian bad actors believed to have monitored US Treasury email
-
Commerce Department confirmed an attack occurred
-
SolarWinds updates were possible key to hacker's attempts
Read More
US Department of Veteran's Affairs Office of Management, District of Columbia
Breach Type –
Hacking, Other
Navy Times
September 14th, 2020
-
Roughly 46,000 veterans had private information leaked following cyberattack
-
VA Office of Finance disabled payment system amid security concerns
-
Bad actors diverted payments away from beneficiaries
Read More
U.S. Health and Human Services Department, District of Columbia
Breach Type –
Hacking, Other
Bloomberg
March 16th, 2020
-
Foreign bad actor believed to be behind coordinated cyberattack
-
Health and Human Services servers were hit with DDoS
-
Cyberattack failed to achieve its goal, HHS remained unaffected
Read More
U.S. Federal Depository Library Program Website, Washington DC
Breach Type –
Hacking, Other: Website Defacement
CBS News
January 4th, 2020
-
Federal website defaced with pro-Iranian message
-
Officials were unable to determine affiliation of bad actors
-
Senior government official dismissed attack as unimportant
Read More
D.C. Government
Breach Type - Phishing, Other
Washington Post
October 22nd, 2018
- Treasury Department investigating phishing schemes in July
- Hackers infiltrated communication with a construction vendor & impersonated vendor
- A D.C. government department processed payments to fraudulent vendor through electronic wire transfer
- $700,000 lost as a result of fraudulent transfer, currently no money has been recovered
Read More
Defense Department
Breach Type - Hacking, Data Breach
phys.org
October 13th, 2018
- Defense Department experiences cyber breach of travel records
- Hackers compromised personal information and credit card data of U.S. Military and civilian personnel
- Breach potentially affected at least 30,000 workers
- No classified information compromised
Read More
Capitol Hill
Breach Type - Ransomware
The Intercept
May 10th, 2016
- Hackers attempt at infiltrating congressional computers
- Hackers used a series of email hacks through Yahoo and Gmail
- House had parts of Wi-Fi and Ethernet on lockdown
Read More
BACK TO TOP
