Agency in Charge of White House Communications Hit By Cyber Attack
Reports are emerging that the agency responsible for securing the top-secret communications in and out of the White House have been hit by a cyber attack.
The Department of Defense has confirmed that the network belonging to the Defense Information Systems Agency (DISA) were breached by an unauthorised third-party, exposing the personal information of as many as 200,000 people.
The department’s vision is to be “the trusted provider to connect and protect the war fighter in cyberspace,” and has 8,000 military and civilian employees.
The data accessed on those 200,000 individuals is said to be the names and social security numbers of staff, contractors and even high-ranking officials; the agency is responsible for securing the communications of both President Donald Trump and the military.
A spokesperson from the US Department of Defense refused to confirm the identity of the third-party that launched the hack, but did tell the BBC that “DoD networks are under attack daily and the department maintains an active posture to thwart those attacks.”
Individuals implicated in the data breach have been notified, with the agency reiterating that there was “no evidence” that their information had been misused for fraudulent purposes.
Andy Piazza, a cyber threat analyst and US military veteran was one of those notified by DISA that their data had been compromised, and he posted the letter he had received from the department, signed by Roger Greenwell, DISA’s Chief Information Officer on Twitter.
The letter stated that “during the May to July 2019 timeframe, some of your personal information, including your social security number, may have been compromised in a data breach on a system hosted by the Defense Information Systems Agency (DISA).”
“While there is no evidence to suggest that your PII was misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised. We take this potential data compromise very seriously. As a result, we have put additional security measures in place to prevent future incidents and we are adopting new protocols to increase protection of all PII.”
The agency has also offered to compensate those implicated in the data breach with free credit monitoring services to mitigate the risk of identity and financial fraud for those individuals.