Group of Hackers releases thousands of names and job titles supposedly belonging to FBI, DHS employees
A hacker group known as DotGovs tweeted on Monday a link to what it claims is a directory of over 20,000 FBI employees. The data, encrypted with the password "lol," includes names, job titles, phone numbers, states, and email addresses for 22,175 people.
The leak comes just 24 hours after the same group posted a link to what it claimed was a directory of 9,372 Department of Homeland Security employees.
The FBI list, in alphabetical order by last name and ending in the J's, includes nearly 1,300 intelligence analysts and nearly 1,800 special agents. The DHS list ranges in last name from A to Z and contains roughly 100 intelligence analysts.
The list of names and phone numbers could aid targeting efforts by bad actors looking to launch future attacks. It could also mean that DOJ employees who answer the phone to someone who knows their name can no longer be confident that the caller is a well-informed insider. Alternatively, hackers might seek out "soft targets" in the list, like administrators who might have less training in dealing with intelligence threats.
But The Guardian reported that "an official likened it to stealing a years-old AT&T phone book after the telecom had already digitized most of its data." Other officials reportedly admitted that there should not be such a simple process through which attackers could obtain a token.
How it happened
An anonymous member of DotGovs told Motherboard of the coming leaks before they were published. The hacker claimed to have obtained access to a Department of Justice web portal through fairly basic techniques: first, the hacker managed to compromise the email account of a DOJ employee; then he or she called an internal department, asked for help accessing their intranet web portal, and was obliged. From there, the hacker claimed to have access to a terabyte of data and to have downloaded 200 gigabytes of it.
"I see no reason why the data would be 'fake,'" said Patrick Wardle, director of research at cybersecurity firm Synack. He referenced an entry in the FBI list and found that a quick public records search showed the individual named to have been, in recent years, a state police trooper with a six-figure salary and a listed phone number matching the FBI's Boston office. "[It] seems reasonable that he’s now working at or for the FBI in Boston."
Alex McGeorge, a senior security researcher specializing in penetration testing at Immunity Inc., another cybersecurity firm, had reservations about some of the hacker's self-reported methods. McGeorge doubted the hacker's claim of access to a terabyte of data, since the hacker hadn't provided any documents that couldn't have originated from a compromised email account alone.