After filtering out duplicate data, the total number of breached accounts came to almost 8.5 million (specifically 8,460,182).
USDoD is a repeat federal offender
This isn’t the first time USDoD has sneaked into a federal system. Previously known as “NetSec” on RaidForums, USDoD has gained notoriety through the threat actor’s “#RaidAgainstTheUS” campaign targeting the US military and defense contractors.
In December 2022, USDoD posted hacked data from InfraGard, a partnership between the FBI and private sector companies, which consisted of private details about 87000 members of InfraGard. A subsequent breach included a data leak of 3200 Airbus distributors that USDoD managed to obtain using the compromised credentials of a Turkish Airlines employee.
“USDoD’s hacking strategy closely depends on social engineering, particularly impersonation. [The hacker] typically gains entry to high-profile entities by impersonating key people,” according to USDoD’s official X account bio.
USDoD was revealed by SOCRadar to be a man in his mid-30s with roots in South America. Earlier reports from February 2022, according to SOCRadar, had painted him as a pro-Russian threat actor, which he later refuted, saying his affiliation with Russia was strictly business and non-political.
USDoD maintains a dedicated Telegram channel, SparrowCorp, to update his followers on his latest hacks and share links for sales of the leaked data. On April 7, he made two posts about the EPA breach. “I acquired entry to a US federal jurisdiction information that may make InfraGard appear like a novice job,” the hacker posted about 12 hours before adding, “Good night, Neighborhood. Epa gov database have been shared with a complete of 15M rows.”