Hackers claim to have leaked troves of Environmental Protection Agency records
Chris Liotta (@Chris Liotta) • April 8, 2024
The U.S. Environmental Protection Agency is investigating claims that notorious government hackers leaked large amounts of contact information from the agency's database of critical infrastructure contractors.
The attackers, known as USDoD, released 500 megabytes of contact information and other data from the EPA's database on a publicly accessible hacking forum on Sunday. Information Security Media Group confirmed that the post remained publicly available on the forum as of Monday afternoon and that it featured a compressed file that purports to contain everything from names and email addresses to information about agency contractors' addresses.
“Hello Breachforums. This is your favorite TA. Today we are proud to publish the epa.gov database of contact lists,” the post reads. “This is their entire contact list [critical infrastructure]. Not just for the United States, but for the entire planet.”
An agency spokesperson said the agency had conducted a “preliminary analysis” of the allegedly leaked data and that the records had already been released to the public to “provide a comprehensive picture of the environmental impact.” The company said it appeared to contain contact information for companies that
According to an analysis conducted by Hackread.com, the post in question claims to contain records of the EPA's entire global critical infrastructure contact list, with potentially more than 15 million contacts related to an estimated 8.5 million users.
Hacking experts and security analysts have suggested the leaked records are legitimate, but the EPA has not confirmed their authenticity. The threat actors behind this alleged breach have previously targeted U.S. military and defense contractors, and in 2022 they used the names and email addresses of members of InfraGard, the FBI's public-private cybersecurity forum.
Analysts said the leak does not appear to include passwords to critical infrastructure systems, but it could make the individuals and organizations on the list vulnerable to phishing. Meanwhile, EPA is warning critical infrastructure owners and operators of the recent threat posed by state-sponsored threat actors to water and wastewater systems across the nation (see: New guidance urges U.S. water sector to strengthen cyber resilience).