A recent report by Bloomberg reveals that approximately 632,000 employee email addresses from the Justice and Defense departments were compromised in a data breach earlier this year. This incident is part of a series of data breaches attributed to a Russian-speaking criminal group, affecting various organizations, including airlines, universities, and other U.S. agencies. The breach exposed government employee email addresses and internal tracking data.
The breach, reported by Bloomberg, involved unauthorized access to email addresses, links to government employee surveys conducted by the agency, and internal tracking codes. The Office of Personnel Management (OPM) provided this information, noting that the breach occurred through a file transfer program called MOVEit, utilized by the data firm Westat and employed by OPM for employee surveys.
The breach’s impact extended to the Defense Department, with officials from entities such as the Air Force, Army, Army Corps of Engineers, the Office of the Secretary of Defense, and the Joint Staff affected. This security incident transpired on May 28 and May 29. OPM classified it as a “major incident” despite the belief that the compromised data was generally of low sensitivity and not classified.
The breach underscores a broader issue: hackers have exploited vulnerabilities in the MOVEit file transfer software used by numerous government agencies. Beyond the agencies named above, organizations including Shell, the BBC, British Airways, Johns Hopkins University, the University of Georgia, and the Energy Department have fallen victim to data breaches. MOVEit is utilized by around a dozen U.S. agencies, according to Politico. The responsibility for these breaches has been attributed to the Russian-speaking ransomware group Clop, which has claimed credit for other attacks involving MOVEit. The group estimated that it had hundreds of victims, as reported by the Associated Press. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, stated in June that these hacks did not pose a “systemic risk to our national security or our nation’s networks.”
In a separate incident, the Oregon Department of Transportation suffered a significant data breach in June, impacting approximately 3.5 million residents. This breach exposed personal information such as Social Security numbers, dates of birth, physical addresses, and driver’s license data, underlining the continued challenges posed by cybersecurity threats.