Vulnerability Management

Hackers deface 49 U.S. House websites

Hackers defaced 49 websites belonging to U.S. House of Representatives' members and committees soon after President Obama delivered his State of the Union address on Wednesday night.

The websites for Reps. Charles Gonzalez, D-Texas; Spencer Bachus, R-Ala.; and Brian Baird, D-Wash., were among those defaced with profane messages directed at the president, researchers at Praetorian Security Group, a managed security services and consultancy, wrote in a blog post Thursday.

Jeff Ventura, spokesman for the Office of the Chief Administrative Officer in the U.S. House, told on Thursday that all of the affected sites were managed by Virginia-based GovTrends, a web solutions provider.

“We are working with GovTrends to understand exactly how the hack happened,” Ventura said. “We have some idea already. We think it happened around an upgrade they were doing to their system.”

Poll: Has your organization's website ever been defaced?

A similar issue occurred last August, when 18 House sites that were managed by GovTrends were defaced, Ventura said.

GovTrends did not immediately respond to a request for comment made Thursday.

Those claiming responsibility for the defacements are a group of hackers from Brazil called the Red Eye Crew, which are responsible for thousands of other website hacks, according to Praetorian Security Group. The Red Eye Crew has previously defaced hundreds of Brazilian government sites and the website of Old Dominion University in Norfolk, Va.

In addition, several committee sites were affected Wednesday: the Financial Services Committee, the Committee on Oversight and Government Reform, and the Committee on House Administration.

“None of the sites we host and manage internally at the House are impacted,” Ventura said. “It was through no action of ours that this breach occurred. We are currently discussing what sort of actions we will take in light of this.”

Each member can opt to have their site hosted and managed internally or by a third-party vendor, Ventura said. Those who have their sites managed by GovTrends have their own contracts with the vendor.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.