On Monday, Feb. 8, an anonymous hacker–who may be part of a larger operation–published a list of 20,000 FBI employees which included their names, phone numbers, email addresses and titles. This came shortly after the hacker posted a similar list of 9,000 Department of Homeland Security officers. The FBI in total employs 35,000 people according to their website, so 57% of all FBI employees have had their personal data breached.
While there’s no putting the genie back in the bottle once a data breach occurs, there are things both individuals and responsible companies can do to mitigate future damages.
One of the most important actions to take is making sure the personal information that was exposed in the breach doesn’t augment other easily-available information, giving hackers and others access to a “fuller profile” view of a person. Abine’s DeleteMe service helps remove the additional personal information that is most easily discovered and purchased about individuals to give hackers, stalkers and other criminals more data. Individuals can subscribe and have Abine do this for them for about $100/year or do it themselves for free–we even provide a guide to help individuals.
DeleteMe is already used by many law-related entities and at-risk personnel including members of the California Judges Association, the SF trial lawyers association, the NJ State Bar Association, the National Network to End Domestic Violence and more.
DeleteMe is also used by executives in nearly 50% of the top U.S. publicly traded technology firms.
How this FBI data breach happened
The hacker sent the list to Motherboard and posted it on Twitter. The hacker’s Twitter feed, @DotGovs, is filled with comments about breaking into the Justice Department’s server and the hashtag #FreePalestine. On Feb. 7, they noted that the Justice Department “finally realized their computer has been breached after 1 week.”
This comment and the published list raises several concerns. First, this is reportedly not the first attack of its kind in recent months. A hacking group called CWA, or Crackas With Attitude (any rap fans get the reference?), has released several lists containing sensitive information of law enforcement and government employees. Second, these repeated attacks show that the United States government is not following information security procedures to protect themselves, according to information security expert Michael Adams.
There will always be hackers who attempt to access sensitive information and exploit it, but you can protect yourself. This is a great reminder to take control of your personal information and online security by creating strong, secure passwords for all accounts and not sharing them with others. You can also delete personal information that has been posted on leading data sites, and while it can be a tricky process, DeleteMe can help you erase the personal information that you don’t want others to see–and information that could be artfully combined with existing information to perpetrate identity theft or other crimes where knowing more about someone opens up new risks and threats to them.