Establishing Digital Trust: Don't Sacrifice Security for Convenience
The U.S. Department of Energy recently began notifying its employees via e-mail that hackers had accessed approximately 14,000 current and former employees' personally identifiable information (PII) in late July (h/t WSJ).
"The Department is strongly committed to protecting the integrity of each employee’s PII and takes any cyber incident very seriously," the e-mail states. "The Department’s Cybersecurity office, the Office of Health, Safety and Security and the Inspector General’s office are working with other federal law enforcement to obtain information concerning the nature of the incident. No classified data was targeted or compromised."
All those affected are being offered a free year of credit monitoring services.
Earlier this year, a separate attack on the Department of Energy provided hackers with access to several hundred employees' and contractors' personal information.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
SANS Institute founder Alan Paller told the Wall Street Journal that the attacks are part of a "long-term, intensive campaign to take over large numbers of systems to gain permanent access to sensitive U.S. systems."