The US Department of Homeland Security (DHS) announced it suffered a data breach last year, during which data for over 247,000 DHS employees and individuals under DHS investigations was taken from a secure DHS database.

The DHS said a former employee is to blame, and not a hacker.

"On May 10, 2017, as part of an ongoing criminal investigation being conducted by DHS OIG and the U.S. Attorney’s Office, DHS OIG discovered an unauthorized copy of its investigative case management system in the possession of a former DHS OIG employee," the DHS said yesterday in a press release.

Employee, witness, and suspect data take from DHS database

The stolen data is a copy of the Department of Homeland Security’s (DHS) Office of the Inspector General (OIG) Case Management System (CMS), a database-type application DHS employees use to store data for current and past investigations.

The database contains data on both the DHS employees investigating these cases, but also on the people under investigation and case witnesses.

According to the DHS, a former employee made a copy of this data circa 2014. The stolen database contained DHS data from 2002 through 2014.

DHS says the database contained the personal information of approximately 247,167 current and former federal employees. It did not say how many cases or case subjects were affected. This is what was compromised, per category, according to the DHS.

DHS Employee Data: Approximately 246,167 federal government employees who were employed directly by DHS during 2014.  The PII for these individuals includes names, Social Security numbers, dates of birth, positions, grades, and duty stations. This list of federal government employees was used by DHS OIG Office of Investigations to conduct identity confirmation during the complaint and investigative process.

Investigative Data: Individuals associated with DHS OIG investigations from 2002 through 2014, which includes subjects, witnesses and complainants who were both DHS employees and non-DHS employees.  The PII contained in this database varies for each individual depending on the documentation and evidence collected for a given case.  Information contained in this database could include names, Social Security numbers, alien registration numbers, dates of birth, email addresses, phone numbers, addresses, and personal information provided in interviews with DHS OIG investigative agents.

DHS notifying current and former employees

DHS officials said it took months to carry out "a thorough privacy investigation, extensive forensic analysis of the compromised data, an in-depth assessment of the risk to affected individuals, and comprehensive technical evaluations of the data elements exposed."

The Agency is now offering 18 months of free credit monitoring and identity protection services to all affected individuals. Letters have been sent to current and former employees. People that interacted with DHS investigations between 2002 and 2014 are urged to follow additional advice provided on this FAQ page.

Related Articles:

MongoDB Server Exposes Babysitting App's Database

Pentagon Data Breach Exposes up to 30,000 Travel Records

Atlas Quantum Cryptocurrency Investment Platform Suffers Data Breach

Tumblr Fixes Security Bug that Leaked Private Account Info

Vending Machine App Hacked for Unlimited Credit