While “Zipcodes,” “Full names,” “Cellphone numbers,” “Email addresses,” and “County, City, States,” were the common fields in all of those records, the Contact file had extra fields such as “Fax numbers” and “Mailing addresses.” The Inter_Contact file had additional “Email domains” and “Firm name and address” fields, while extra details in the employees file included “Enterprise Addresses,” “Firm names” and “Associated industries”.
After filtering out the duplicate records, the total accounts breached amounted to almost 8.5 million (specifically 8,460,182).
USDoD is a repeat federal offender
This isn’t the first time USDoD has sneaked into a federal system. Previously known as “NetSec” on RaidForums, USDoD has gained notoriety since the threat actor’s “#RaidAgainstTheUS” campaign targeting the US military and defense contractors.
In December 2022, USDoD posted hacked data from InfraGard, a partnership between the FBI and private sector firms, which consisted of private details about 87,000 members of InfraGard. A subsequent breach included a data leak of 3,200 Airbus vendors that USDoD managed to capture using the compromised credentials of a Turkish Airline employee.
“USDoD’s hacking strategy closely depends on social engineering, notably impersonation. [The hacker] typically gains entry to high-profile entities by impersonating key people,” according to USDoD’s official X account bio.
USDoD was revealed by SOCRadar to be a man in his mid-30s with roots in South America. Earlier reports from February 2022, according to SOCRadar, had painted him as a pro-Russian threat actor, which he later refuted, saying his affiliation with Russia was strictly business and non-political.