TRENDING:

Energy Department HQ Computers Hacked

Personal Data of Hundreds of Employees, Contractors Exposed Eric Chabrow (GovInfoSecurity) • February 5, 2013    
Energy Department HQ Computers Hacked

The U.S. Department of Energy confirms that hackers penetrated its headquarters computer network in mid-January, and the personally identifiable information of several hundred department employees and contractors was exposed.

See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources

DoE officials remained mute about the incident until a Feb. 1 memo sent to employees and contractors describing the breach was leaked this week.

In a statement, DoE says the department's cybersecurity team, the Office of Health, Safety and Security and the Inspector General's office are working with federal law enforcement to promptly gather detailed information on the nature and scope of the incident and assess the potential impacts to DoE staff and contractors. Based on the findings of this investigation, the statement says, no classified data were compromised.

The department says it will implement a full remediation plan once the full nature and extent of the incident is known.

Energy officials promise to make an "aggressive effort" to reduce the likelihood of these events occurring again. These efforts include leveraging the combined expertise and capabilities of DoE's Joint Cybersecurity Coordination Center to address this incident, increasing monitoring across all of the department's networks and deploying specialized defense tools to protect sensitive assets, the statement says.

In the memo to employees and contractors, DoE pledges to notify each individual whose PII was exposed and offer assistance on steps they can take to protect themselves from potential identity theft.

DoE, in the memo, reminds stakeholders to follow best practices, including encrypting all files and e-mails containing personal or sensitive information, including files stored on hard drives or on the shared network, not storing or e-mailing non-government related PII on DoE network computers.

"Cybersecurity is a shared responsibility," the memo says, "and we all play an important role in maintaining the integrity and security of our networks."

Previous
Retail Breach Tied to Global Fraud
Next
NIST Updating Security Controls

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Why Health Entities Need to Implement NIST Cyber Framework
Why Health Entities Need to Implement NIST Cyber Framework
Efficient Management of Enterprisewide Data Protection
Efficient Management of Enterprisewide Data Protection
Integrating Generative AI Into the Threat Detection Process
Integrating Generative AI Into the Threat Detection Process
Why Legacy Medical Systems Are a Growing Concern
Why Legacy Medical Systems Are a Growing Concern

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.