The Division of Homeland Safety (DHS) could have been breached… with hundreds of ICE contracts uncovered.
A self-described hacktivist group known as “Division of Peace” claims it hacked Homeland Safety programs and revealed inside contractor data tied to ICE. The group launched the information on Sunday, March 1, by way of a whistleblower web site.
The data, hosted on the Distributed Denial of Secrets and techniques (DDoSecrets) web site, determine hundreds of firms linked to federal immigration enforcement contracts. Firms listed embody know-how corporations Microsoft and Oracle. Others embody knowledge intelligence firm Palantir and protection contractors Raytheon and Anduril.
The DHS has not publicly confirmed the intrusion.
Scope and substance
TechCrunch confirmed the hacktivist group claimed the data got here from the DHS Workplace of Trade Partnership.
In a message accompanying the file launch, the group cited what it described as illegal ICE operations and stated it aimed to reveal firms supporting the company. The message referenced the deaths of Alex Pretti and Renee Good, which sparked protests in Minneapolis.
“Why hack the DHS? I can consider a pair Pretti Good causes!
I’m releasing this as a result of the DHS is killing us and other people need to know which firms assist them and what they’re engaged on.”
Emphasizing the leak’s whole scope, the group’s message additionally famous:
“I’m disclosing a listing containing the small print of 6,681 organizations that utilized for contracts with the U.S. Division of Homeland Safety.”
The leak included two totally different recordsdata: one itemizing all candidates, and a second itemizing solely those that acquired contracts.
The leaked data reportedly include a number of classes of delicate knowledge, together with:
- Firm names
- Firm URLs
- Names of varied staff and generally their titles
- Enterprise and doubtlessly private addresses
- Worker telephone numbers
- Worker e mail addresses
- Tax identification numbers, together with employer identification numbers and doubtlessly SSNs
- Different authorities contractor IDs, equivalent to UEI numbers and CAGE codes
- Some inside feedback by DHS workers concerning issues like updates to the data above
Reactions to this point
As of publication, the DHS hasn’t debunked or validated the hack claims. Nonetheless, it’s unsure whether or not the whole file got here from a breach or was compiled from totally different on-line sources.
A safety researcher, Micah Lee, created a GitHub web page structuring the data for straightforward entry. It affords the choice to look by totally different filters and lists firms primarily based on their contract quantity. Cyber Apex Options, LLC, topped the record with the best allocation: $70 million in whole.
TechCrunch additionally famous that the highest three firms by allocation, together with DHS and ICE, haven’t responded to requests for remark.
Additionally learn: In January, leaked knowledge uncovered hundreds of Border Patrol and ICE brokers after the Renée Good taking pictures.
