US Department of Homeland Security
The US Department of Homeland Security (DHS) announced that the personally identifiable information (PII) of approximately 247,167 current and former federal employees employed by DHS in 2014 was exposed as a result of a privacy incident discovered during an ongoing criminal investigation. The information exposed includes names, Social Security numbers, birth dates, positions, grades, and duty stations. In addition, individuals associated with DHS Office of the Inspector General (OIG) investigations between 2002 and 2014 were impacted, including both DHS and non-DHS employees. The breach was not the result of an external cyber-attack; however, the leaked data was discovered in an unauthorized copy of the DHS OIG investigative case management system that was in the possession of a former DHS OIG employee. DHS sent notification letters to affected individuals and is offering them 18 months of free credit monitoring and identity protection services. The NJCCIC recommends impacted individuals review the DHS press release and notification letter and enroll in the free credit monitoring service provided.