The Latest Government Hack Is Bad, But Not As Bad As We Think

Shortly after the recent Office of Personnel Management data hack, word surfaced on the Dark Net – essentially the hidden Internet – that some of the personal records were for sale. According to security expert Brian Krebs, however, this data could be less damaging than first thought. This is not to say the release of any personal information isn’t a catastrophe. However, according to Krebs, the data for sale came from one organization, the Federal Prison Industries, also known as Unicor.gov.

“Earlier this week, miscreants who frequent the Hell cybercrime forum (a “Deep Web” site reachable only via the Tor network) began passing around a text file that contained more than 23,000 records which appeared to be a user database populated exclusively by user accounts with dot-gov email addresses,” wrote Krebs. This data seems to be unconnected with the recent Chinese breach of the OPM and the subsequent theft of tens of thousands of pieces of government data. However, it’s clear that the Hell hackers are interested in making it seem like they have access to that data.

Instead, what they probably have is data from Unicor.gov. By simply checking the email addresses in the data, Krebs is fairly certain that these are in fact the spoils of another intrusion of government servers in 2013. He asked Unicor and received this response:

“Since that time, the website software has been replaced to improve security. Assessments by proper law enforcement authorities were conducted to determine the extent of the incident, at the time it was discovered,” said Cantwell, who confirmed the incident hadn’t been previously disclosed publicly. “Limited individuals were deemed to be potentially impacted, and notifications were made as a precautionary measure. Federal Prison Industries is sensitive to ensuring the security of its systems and will continue to monitor this issue.”

The “website software” was Adobe’s ColdFusion. Yes. Really. Regardless, it seems that the recent OPM breach hasn’t led to a sale of the stolen data and is instead an alleged effort by the Chinese government to collect intelligence on US employees. Cold(Fusion) comfort, to be sure, but at least the stolen data is still relatively safe.