Hackers Breached A Key Homeland Security Network. The U.S. Government Is Racing To Find Out How.


The U.S. government is investigating yet another significant cybersecurity breach after hackers infiltrated a key Department of Homeland Security (DHS) information-sharing platform used by thousands of government agencies and private sector partners.

The intrusion targeted the Homeland Security Information Network (HSIN), a platform that enables federal, state, local, tribal, and territorial agencies, as well as certain private sector organizations, to exchange sensitive but unclassified information related to public safety, emergency response, and national security, according to people familiar with the matter who spoke to Nextgov/FCW, which first reported the breach.

Investigators are still trying to determine who was behind the cyberattack and whether any documents or operational data were stolen. According to the report, the breach is believed to have occurred sometime between late May and early June, with hackers targeting HSIN servers and a SharePoint collaboration system used by partner agencies.

“The Department of Homeland Security is aware of a recent cyber incident involving a specific, unclassified legacy information sharing environment,” a DHS spokesperson said in a statement. “We immediately took action to isolate the affected systems, mitigate the vulnerability, and launch a comprehensive forensic investigation.”

“There is no indication that classified networks were impacted, and the system remains operational for our partners. As this is an ongoing investigation, we cannot provide further operational details at this time,” the spokesperson added.

HSIN serves as one of the federal government’s primary collaboration platforms, allowing approved users to exchange information during emergencies and large public events. The system also facilitates the sharing of information about persons of interest, potential threats and incident management, helping agencies maintain situational awareness across jurisdictions.

The timing of the breach has drawn particular attention because it comes as the United States is hosting matches for the 2026 FIFA World Cup, one of the largest international sporting events ever held in North America. Security for the tournament requires extensive coordination among federal agencies, state and local law enforcement, emergency managers, and international partners.

Although officials have not said that World Cup-related information was accessed, cybersecurity experts note that a compromise of a platform like HSIN could potentially provide attackers with insight into security planning, emergency response procedures, and communications among agencies responsible for protecting major public events.

It is not the first time HSIN has experienced security problems. In 2023, an access misconfiguration caused by a contractor’s coding error exposed restricted information to unauthorized users within the platform, according to an internal memo previously obtained by Nextgov/FCW.

The error allowed sensitive U.S. person information and other personally identifiable data intended for a limited group of authorized users to become visible to a broader audience inside the system. The full impact of that exposure has never been publicly disclosed.

The latest breach comes amid a broader wave of cyber campaigns targeting U.S. government systems. Federal agencies have repeatedly warned that nation-state hackers and sophisticated criminal groups continue attempting to infiltrate government networks to gather intelligence, steal sensitive information, and establish long-term access to critical infrastructure.

Earlier this year, Nextgov/FCW reported that a suspected China-linked cyberattack compromised an FBI surveillance system, potentially exposing phone numbers associated with individuals under federal monitoring.

The Cybersecurity and Infrastructure Security Agency has consistently identified foreign governments, including China, Russia, Iran, and North Korea, among the most persistent cyber threats facing U.S. government networks and critical infrastructure. While no attribution has been made in the HSIN breach, investigators are conducting a forensic analysis to determine how attackers gained access and whether data was removed from the system.


