Following the publication of data belonging to about 10,000 Department of Homeland Security workers, hackers have now published the contact info belonging to 20,000 FBI workers, information they acquired by breaching a Justice Department database. The hackers also poked fun at Homeland Security, saying in a tweet that it took it a week to realize that it has been breached. As well, the hackers dropped a #FreePalestine hashtag into some of their tweets.
The Twitter account posted its first tweet on January 30, which simply reads: “Change your thoughts, and you change the world.” The account itself reads “F**k your government" and lists its location as Palestine. The account’s second tweet didn’t arrive until February 7, and it reads: “well folks, it looks like @TheJusticeDept has finally realized their computer has been breached after 1 week.”
That led shortly after to another tweet containing a link to an encrypted text file and a password to decrypt it. Data includes first and last name, job role in the DHS, phone number, location, and email address. It doesn’t appear anything like Social Security numbers or mailing addresses were posted, however.
A few tweets later, the @DotGovs account promised to release the “20,000 FBI employees data, including ones outside US.” A screenshot mentioning The Justice Department shows drives titled “Civil Division Common Drive,” “Application Folders,” and “Litigation Support.”
The hack appears to be politically motivated, per the tweet below:
Finally, after several more tweets, another was published similar to the DHS one, only with a link to the FBI workers' details instead. The data is similar to the first release. A Department of Justice spokesperson said to CNN:
The department is looking into the unauthorized access of a system operated by one of its components containing employee contact information. This unauthorized access is still under investigation; however, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information. Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation.
It isn’t clear how the group got the information. Earlier today, US officials revealed that the Department of Justice and Homeland Security had been hacked, and that it appears to have been the work of someone impersonating a government employee. The agency did not elaborate on what that means, though.