The Department of Homeland Security (DHS) may have been breached… with thousands of ICE contracts exposed.A self-described hacktivist group called “Department of Peace” claims it hacked Homeland Security systems and published internal contractor records tied to ICE.The group released the data on Sunday, March 1, via a whistleblower website.
The records, hosted on the Distributed Denial of Secrets (DDoSecrets) website, identify thousands of companies connected to federal immigration enforcement contracts.Companies listed include technology firms Microsoft and Oracle.Others include data intelligence company Palantir and defense contractors Raytheon and Anduril.
The DHS has not publicly confirmed the intrusion.Featured Partners Advertisement TechRepublic is able to offer our services for free because some vendors may pay us for web traffic or other sales opportunities.Our mission is to help technology buyers make better purchasing decisions, so we provide you with information for all vendors — even those that don’t pay us.
1 Corsica Technologies Visit Website Company Size Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Activity Monitoring, Antivirus, Blacklisting, and more 2 Graylog Visit Website Company Size Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Small, Medium, Large, Enterprise Features Activity Monitoring, Dashboard, Notifications 3 Ready1 Visit Website Company Size Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Small, Medium, Large, Enterprise Features Incident Management Scope and substance TechCrunch confirmed the hacktivist group claimed the records came from the DHS Office of Industry Partnership.In a message accompanying the record release, the group cited what it described as unlawful ICE operations and said it aimed to expose companies supporting the agency.The message referenced the deaths of Alex Pretti and Renee Good, which sparked protests in Minneapolis.
“Why hack the DHS? I can think of a couple Pretti Good reasons! I’m releasing this because the DHS is killing us and people deserve to know which companies support them and what they’re working on.” Emphasizing the leak’s total scope, the group’s message also noted: “I’m disclosing a list containing the details of 6,681 organizations that applied for contracts with the U.S.Department of Homeland Security.” The leak included two different files: one listing all applicants, and a second listing only those who received contracts.The leaked records reportedly contain several categories of sensitive data, including: Company names Company URLs Names of various employees and sometimes their titles Business and potentially personal addresses Employee phone numbers Employee email addresses Tax identification numbers, including employer identification numbers and potentially SSNs Other government contractor IDs, such as UEI numbers and CAGE codes Some internal comments by DHS staff regarding things like updates to the information above Must-read security coverage UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case Blackpoint Cyber vs.
Arctic Wolf: Which MDR Solution is Right for You? How GitHub Is Securing the Software Supply Chain 8 Best Enterprise Password Managers Reactions so far As of publication, the DHS hasn’t debunked or validated the hack claims.However, it’s uncertain whether the entire record came from a breach or was compiled from different online sources.A security researcher, Micah Lee, created a GitHub page structuring the records for easy access.
It offers the option to search by different filters and lists companies based on their contract amount.Cyber Apex Solutions, LLC, topped the list with the highest allocation: $70 million in total.TechCrunch also noted that the top three companies by allocation, including DHS and ICE, have not responded to requests for comment.
Also read: In January, leaked data exposed thousands of Border Patrol and ICE agents after the Renée Good shooting.Subscribe to the Cybersecurity Insider Newsletter Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.Delivered every Monday, Tuesday and Thursday Subscribe to the Cybersecurity Insider Newsletter Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered every Monday, Tuesday and Thursday
Read More
