A private contractor responsible for conducting background investigations for the Department of Homeland Security said criminal hackers have penetrated its network. Authorities are concerned the breach may have compromised personal information belonging to federal employees.
The company, U.S. Investigations Services LLC, based in Falls Church, Virginia, said in a statement posted Wednesday on its website that experts believe the breach “has all the markings of a state-sponsored attack.”
DHS spokesman Peter Boogaard told FedScoop a multi-agency cyber response team is working with the company to identify the scope of the intrusion and the FBI has launched a federal investigation.
“Effective immediately, DHS has issued stop-work orders halting the provision of additional sensitive information to the private sector company until we can determine that it will not be subject to compromise,” Boogaard said. “At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity. As we continue to investigate the nature of this breach on an urgent basis, we will be notifying specific DHS employees whose [personally identifiable information] we can determine was likely compromised.”
A DHS official told FedScoop on background the agency is also advising employees be alert to unsolicited requests for personal and financial information. “Employees are being asked to notify their privacy officer and security officer if they note any unusual activity,” the official said.
USIS said it self-reported the incident to the Office of Personnel Management, DHS and federal law enforcement authorities.
Founded in 1996, the company was born out of the privatization of OPM’s investigative branch. As a result of that privatization effort, OPM awarded the company a contract to provide background investigation services for 95 federal agencies. Today, the company supports 100 agencies, according to its website. The company claims to have performed more than 2 million background investigations since 2011 and employs 2,300 field investigators across the country.
OPM communications director Jackie Koszczuk said “out of an abundance of caution, we are temporarily ceasing field investigative work with USIS. This pause will give USIS time to work with US-CERT and OPM to take the necessary steps to protect its systems.”
Koszczuk said OPM has so far not been notified of any loss of personally identifiable information for OPM managed investigations. “OPM does not share and host information with USIS in the same way that other federal agencies do,” she said. “These are separate operations. We are vigorously working to learn the extent of the situation at USIS and we are taking appropriate actions to protect the security and integrity of our systems and data.”