|
An outside attacker attempted to gain access to systems at the US Department of Agriculture and could have compromised personal information on 26,000 DC-area employees, contractors, and retirees.
Letters to USDA employees regarding a security breach that happened the weekend of June 6th will be sent out by the department to those staffers potentially affected by an intrusion into the department's systems.
Agriculture Secretary Mike Johanns learned of the problem on June 6th, a day after it took place. A statement posted by the USDA said initial analysis of the breach indicated that no personal information had been accessed by the attacker.
However, subsequent analysis has brought that contention into question. It is possible, though unconfirmed, the attacker could have viewed personally identifiable information contained on the two servers targeted by the intruder.
Individual information like names, Social Security numbers, and photos may have been discovered by the attacker. The USDA also noted that publicly available information is similarly contained in the database on those systems.
A report on the FirstGov website described some details of the attack:
Over the June 3, 2006, weekend, USDA cyber security staffers monitoring our systems detected some suspicious activity involving an Office of Operations workstation and two servers containing employee personal data. The indication was that someone from outside of USDA was attempting to gain unauthorized access to the system.
The systems in question do not contain health or financial information, the FirstGov report said. But the description of the incident leads to certain speculation about the breach.
FirstGov noted a workstation and two servers were involved in the attack. It's unlikely an attacker would specifically target a workstation. However, if a user at that workstation had downloaded a piece of malicious software that permits unauthorized remote access, an attacker could have used the workstation as a starting point for the attack.
About
the Author:
David Utter is a business and technology writer with WebProNews.
|
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
