A new report suggests that Russian hackers managed to access over half a million government email addresses at the Department of Justice (DOJ) and Department of Defense (DOD) last spring.
As reported by the Daily Caller, over 600,000 emails were breached by a hacking group known as CI0p, which subsequently obtained links to government employee surveys and internal employee tracking codes for the DOJ and DOD from the Office of Personnel Management (OPM). This breach was revealed in a report that OPM submitted to the House Science, Space, and Technology Committee, which was made public by a Freedom of Information Act (FOIA) request.
Among the branches of the DOD that were affected were the Office of the Secretary of Defense, Air Force, Army, U.S. Army Corps of Engineers, and Joint Staff, as detailed in the eight-page report from OPM. The report described the hack as a “major incident,” but claimed that the information obtained by the hackers was “generally of low sensitivity,” adding that there was “no indication” that any links to surveys included in the breach were accessed by any unauthorized person.
Hackers were able to access the information by exploiting a vulnerability in the file transfer software MOVEit, which is utilized by Westat Inc., a contractor used by OPM for administering Federal Employee Viewpoint Surveys.
Other agencies fell victim to similar exploits of MOVEit, with the Department of Health and Human Services (HHS), Department of Agriculture, and Department of Energy (DOE) confirming earlier this summer that hackers had obtained email addresses and other information. DOE in particular was demanded a ransom by CI0p in exchange for the return of the information.
Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA) confirmed a large-scale attack by the ransomware group CI0p, but echoed the report’s determination that the information that was stolen would not present a “systemic risk” to national security.