Defense Information Systems Agency (DISA) Data Breach

By Jarren Buendia on February 28, 2020

Executive Statement:

According to multiple open sources, the DISA has issued letters to potential victims of a summer 2019 data breach. The letter states that due to the potential data breach of DISA information, victim’s names, social security numbers, and other personally identifiable information (PII) may have been compromised. The letters were dated 11 February 2020, and did not give any information about who is responsible, who has been affected, or what system was compromised.

Open Source Intelligence (OSINT) Details:

According to their website, “DISA is a combat support agency of the Department of Defense (DoD).” They employ more than 8,000 civilian and military personnel. In terms of support, the agency, “provides, operates, and assures command and control and information-sharing capabilities and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national level leaders, and other mission and coalition partners across the full spectrum of military operations.” In other terms, as a Reuters article states, “The agency provides direct telecommunications and IT support for the president, Vice President Mike Pence, their staff, the U.S. Secret Service, the chairman of the Joint Chiefs of Staff and other senior members of the armed forces.”

In regards to OSINT sources, as of the time of this writing, it doesn’t appear that details have been released. Based on articles from Reuters, TechCrunch, and the BBC, the only information available for the public are the letters warning that certain personnel may have had their PII compromised.

Potential Impacts:

Compared to the Equifax breach, 8,000 potentially affected individuals seems arbitrary. However, the fact of the matter is these are 8,000 federal employees. Coupled with the 2013 federal Office of Personnel Management (OPM) breach in 2013, the potential impact to the privacy and security of federal employees continues to increase. In a separate article by Wired, one regarding the fact that the Justice Department has charged four Chinese nationals over the 2017 Equifax breach, it was stated that, “US officials now worry whether they can work undercover overseas at all.” Contextually, this statement was meant to specifically address the consequences of China, allegedly, having over half of our nation’s most personal information. However, this statement still holds true in a general sense, as the more PII that is leaked about federal employees, the more vulnerable our personnel become.

Significance:

Having personal information leaked to the wild is not something anyone wants to hear. However, the level of PII that may have been compromised by this DISA data breach includes information that could allow a malicious actor to conduct credit fraud using your information. As with the Equifax data breach, compromised information could be used to open fraudulent lines of credit, fraudulent loans, and could jeopardize other activities or items that are protected using a Social Security Number (SSN). While the pool of potentially affected individuals is only about 8,000 in this case, it is another case on top of the 150 million people affected by the Equifax breach.

Sources:

“China’s Hacking Spree Will Have a Decades-Long Fallout.” 11 Feb 2020. Retrieved From: wired.com. Retrieved: 25 Feb 2020.

“Data breach hits agency overseeing White House communications.” 20 Feb 2020. Retrieved From: bbc.com. Retrieved: 25 Feb 2020.

“OUR WORK / DISA 101.” Retrieved From: disa.mil. Retrieved: 25 Feb 2020.

“U.S. agency that handles Trump’s secure communication suffered data breach.” 20 Feb 2020. Retrieved From: reuters.com. Retrieved: 25 Feb 2020.

“US defense agency says personal data ‘compromised’ in 2019 data breach.” 20 Feb 2020. Retrieved From: techcrunch.com. Retrieved: 25 Feb 2020.