Hacks of US Department of State email server and Data Stolen
The latest agency to be hacked is the Department of State US government agency. All the data are stolen from the email servers.
The hack was reported to employees by the department in an email on 7th Sep. Reported by Politico it first stated that they have found “activity of concern affecting less than 1 percent of employee inboxes.”
The State Department confirmed the breach and in a statement released said “We have determined that certain employees’ personally identifiable information (PII) may have been exposed,” the email is claimed to have said. “We have notified those employees.”
The department emphasized that the data breach pertained to an unclassified email server and did not involve the theft of classified information. The department is working with other government agencies to know the source of the attack, and in the meantime will bringing in some private sector security firm to assist in the investigation.
Ryan Wilk, vice president of customer success at NuData Security Inc., told SiliconANGLE that governments and online companies that provide services online must secure all the links in their security chain.
“Bad actors look for the weakest point to access information, so companies have to be extra diligent in keeping their security up to date on all placements. Additionally, companies that identify users online need to devalue the data that bad actors steal and use to misrepresent legitimate users – as they do in account takeover attacks,” said Ryan Wilk, vice president of customer success at NuData Security Inc. Talking to an online portal SiliconANGLE he reiterated how the governments and online companies provide services online must secure all the links in their security chain.
“This is particularly true of governmental groups that are supposed to be serving citizens and protecting their personal information. Unfortunately, despite the amount and type of data that these organizations handle, many are unprepared when it comes to cybersecurity. Institutions that expose data lose the trust of employees and consumers, while individuals who have their information stolen may be forced to grapple with the long-term effects of identity theft,” said Rich Campagna, chief marketing officer at Bitglass Inc., he was of the opinion that there’s little room for error.
Campagna further suggested that governmental organizations must adopt modern security technologies. “Dynamic identity management solutions, for instance, can verify users’ identities, detect potential intrusions, and enforce multi-factor authentication in a real-time”.
Kevin Jones612 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others. He holds prestigious certifications like OSWP, OSCP, ITIL. His goals in life are simple - to finish her maiden business venture on Cybersecurity, and then to keep writing books for as long as possibly can and never miss a flight that makes the news.