The US Department of Energy has again been hacked, having previously fallen to an attack this February.
The DoE is notifying employees that hackers have gained personal information on 14,000 current and former staff, with the data including names and social security numbers.
The hack is said to have taken place late last month, and those affected are being warned about the potential danger of identity theft with their personal information now in the wild. The previous hack also involved the theft of personal data and affected several hundred staff.
The Wall Street Journal reports the attackers were able to get into the DoE systems by hacking into a human resources system, which included payroll data.
The SANS Institute, a cyber security research organisation, said such attacks can see hackers collect personal information to try and control sensitive US networked infrastructures, like that of the DoE, through compromised log-ins and passwords.
A hacker for instance, could use the personal information of an employee to try and get a new network or database password from the IT department.
In a memo confirming the attack, the DoE said, "No classified data was targeted or compromised. Once the full nature and extent of this incident is known, the Department will implement a full remediation plan."
The DoE said it will be paying the costs of identity theft protection to those affected by the data loss.
Posts
No comments:
Post a Comment