A hacktivist who had compromised an email account belonging to a DOJ employee was poking around the DOJ portal. Determined to get further in, they were stopped by a challenge requiring a token code, and they were stuck…
What would any new person do?
Probably call up support, say they are new, and ask how they can get in.
And that is exactly what went down. The support personnel even gave up their own token code.
Once the hacktivist was logged on, they had access to personal VMs with mapped drives. It’s reported that 200GB was exfiltrated.
Yesterday, the hacktivist dropped information on 20,000 FBI employees on Cryptobin.
When Motherboard tried to vet the data by calling Homeland Security’s National Operations Center, the reporter’s call was the first the NOC had heard about the leak. This negative event shows that we aren’t doing the basic security fundamentals: the least amount of effort necessary to keep data secure!