Department of Defense agency that oversees military communications and presidential calls was HACKED in 2019 exposing 200,000 people’s private information including social security numbers
- The Defense Information Systems Agency confirmed a data breach in 2019
- The agency is a part of the Department of Defense and oversees communications for the military as well as presidential communications
- The agency sent out letters to people exposed, offering free credit monitoring
This month, the US Department of Defense sent out letters to people whose personal information had been exposed by a ‘data breach’ at one of its agencies.
The attack targeted the Defense Information Systems Agency’s (DISA) computer systems and is believed to have taken place between May and July of 2019.
DISA has more than 8,000 military and civilian employees, who oversee information sharing and communication technology for the Department of Defense,
The Defense Information Systems Agency, a part of the Department of Defense that oversees military communications, information sharing, and presidential calls, announced it had been hacked in 2019
The agency’s work includes oversight on presidential communications and calls to Donald Trump.
The Department of Defense has declined to say what they know the identity of the hackers.
The department has confirmed that personal information of more than 200,000 people was exposed, according to a report in TechCrunch.
‘The Defense Information Systems Agency has begun issuing letters to people whose personally identifiable information may have been compromised in a data breach on a system hosted by the agency,’ DISA spokesperson Charles Prichard said.
‘While there is no evidence to suggest that any of the potentially compromised PII was misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised.’
DISA, which employs around 8,000 military personnel and civilians, won’t say whether they’ve identified those responsible for the breach, nor what their motive was, but it’s believed to have occurred between May and July of 2019
Earlier this month, DISA sent out letters alerting people whose personal information had been exposed, offering free credit monitoring services as compensation
News of the hack began to spread earlier this week, when people began to post pictures of the breach letter they’d received from DISA on Twitter
‘DISA has conducted a thorough investigation of this incident and taken appropriate measures to secure the network.’
The agency began sending these letters to people on February 11th, offering free credit monitoring services to help make amends for the violation of privacy.
Andy Piazza, who works with the cybersecurity and intelligence firm Phia LLC, posted a copy of the letter he received from DISA to Twitter on February 18th.
‘Awesome,’ he wrote. ‘Got another #PII #breach letter from DoD. Is this like pokemon where I want to catch them all?’
The agency hasn’t commented on whether the hack affected any classified information but the exposed personal information is believed to have included social security numbers among other information.
HOW CAN I CHOOSE A SECURE PASSWORD?
According to internet security provider Norton, ‘the shorter and less complex your password is, the quicker it can be for the program to come up with the correct combination of characters.
The longer and more complex your password is, the less likely the attacker will use the brute force method, because of the lengthy amount of time it will take for the program to figure it out.
‘Instead, they’ll use a method called a dictionary attack, where the program will cycle through a predefined list of common words that are used in passwords.’
Here are some steps to follow when creating a new password:
- Use a combination of numbers, symbols, uppercase and lowercase letters
- Ensure that the password is at least eight characters long
- Use abbreviated phrases for passwords
- Change your passwords regularly
- Log out of websites and devices after you have finished using them
- Choose a commonly used password like ‘123456’, ‘password’, ‘qwerty’ or ‘111111’
- Use a solitary word. Hackers can use dictionary-based systems to crack passwords
- Use a derivative of your name, family member’s name, pet’s name, phone number, address or birthday
- Write your password down, share it or let anyone else use your login details
- Answer ‘yes’ when asked to save your password to a computer browser