The US Department of State is investigating allegations of a cyber attack, after leak of documents allegedly stolen from a government contractor.
The company said to have been hacked and which owns the stolen goods data is the Acuity, a technology consulting firm with nearly 400 employees and annual revenues of $100+ million. The company provides services DevSecOps, IT operations , cybersecurity, data analytics and operations support services to federal, civilian, civilian clients engaged in national security.
“The Ministry is aware of allegations of an incident in the cyberspace and conduct an investigation at present", a State Department spokesman told BleepingComputer.
See also: 61% of Data Leaks in 2023 were associated with Malware
The Ministry stressed that it would not give details of the investigation being carried out, for reasons of Security. He also said that the data protection is of paramount importance and that it is continuously taking steps to improve its position in the field of cybersecurity.
The leak of documents belonging to the US government contractor allegedly became by a cybercriminal known as IntelBroker, which says that the files contain classified information belonging to the Five Eyes alliance.
In his words, the exposed data include full names, email, email addresses, office numbers and personal mobile numbers of government, military and Pentagon officials.
IntelBroker has also notified screenshots certain allegedly stolen documents, to bolster the credibility of his claims.
“Today, I am releasing documents belonging to the Five Eyes Intelligence Group", says the attacker in a post on hacking forum. "This data was obtained through a breach of Acuity Inc, a company that works directly with the US government and its allies“.
See also: OWASP reveals that it suffered a data leak
This is not the first time IntelBroker has leaked data allegedly stolen from or belonging to government agencies. For example, there have been similar leaks with data of ICE & USCIS, the Department of Defense and the US Army.
It is not known whether these incidents are related to the Five Eyes data leak. However, some of the data leaked in the ICE/USCIS forum publication is also contained in the Five Eyes publication.
IntelBroker came to prominence after the breach of DC Health Link, the agency that administers the health care plans for members of the US House of Representatives, their staff and their families. Other security incidents associated with it include breaches of Hewlett Packard Enterprise (HPE), Weee! and General Electric Aviation.
If the hacker's allegations of leaking government contractor documents are true, it significantly affects the US national security. These documents shall contain sensitive information that can be used by other countries or criminal organizations to prepare attacks or exploit U.S. weaknesses.
The leakage of documents may undermine the confidence of US allies and partnersas it may reveal information that should remain confidential. This may lead to a loss of strategic alliances or to the isolation of the US on the international scene.
See also: Scottish National Health Service: INC Ransom hackers threaten data leak
Then, it can be and affect the internal politics of the country, as it may reveal information that can be used for political exploitation or to cause division and unrest.
Finally, the leakage of documents can lead to loss of public confidence in the US government and security agencies, as it may reveal cases of inadequate protection of data or even corruption.
Source : www.bleepingcomputer.com
