The personally identifiable information (PII) of hundreds of U.S. Department of Energy (DOE) employees and contractors was accessed by intruders that breached DOE's networks.
On Monday morning, The Washington Free Beacon confirmed with unnamed government officials that the sophisticated attack indicated nation-state involvement. According to officials, the personal information of several hundred people was compromised in a mid-January breach where attackers infiltrated 14 computer servers and 20 workstations.
“Energy Department officials, along with FBI agents, are investigating the attack on servers at the Washington headquarters,” said the article. “They believe the sophisticated penetration attack was not limited to stealing personal information. There are indications the attackers had other motives, possibly including plans to gain future access to classified and other sensitive information.”
No classified information was compromised in the cyber attack, according to the Free Beacon. Government officials spoke with the publication – which also broke news last October that a spear phishing attack breached the White House's computer network – under the condition of anonymity.
The Free Beacon reported in both instances that attacks were likely the work of Chinese hackers, according to government officials. China is also thought to be behind attacks on the computer networks of The New York Times and The Wall Street Journal because of the newspapers' critical coverage of the country, namely the Times reporting on the fortune amassed by relatives of China's prime minister. China's government has denied involvement in the incidents, which came to light last week.
The hacktivist group Anonymous has also been considered as the potential culprit of the DOE attacks. A faction of the collective, called Parastoo, claimed Jan. 21 to dump DOE information on Pastebin. The Parastoo group said its motivation was to spur investigations into Israel's nuclear facilities.
On Monday, The New York Times “Bits” blog published the DOE email sent to employees to notify them of the incident. In the email, DOE confirmed that the breach occurred in mid-January and that more notifications would be sent once “more specific information is gathered regarding affected employees and contractors.”
DOE is working with its Joint Cybersecurity Coordination Center to enhance monitoring and protection of its networks. The agency also advised its employees to implement best practices, like encrypting all files and email containing sensitive information, and not storing or emailing non-government related PII on its network computers.