Click to Skip Ad
Closing in...
  1. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free

  2. Amazon Deals
    07:55 Deals

    10 deals you don’t want to miss on Saturday: Alexa in your car for $19.99, $200 Chro…

  3. Amazon Deals
    07:56 Deals

    10 deals you don’t want to miss on Sunday: $30 off Amazon Echo Buds, $230 convertibl…

  4. MacBook Pro 2021 Price
    16:34 Deals

    Amazon slashed $200 off Apple’s M1 MacBook Pro, or get a MacBook Air for $899

  5. Wireless Borescope Camera
    09:10 Deals

    Last chance to get the crazy wireless camera that lets your phone see anywhere for $29




Passwords From 47 Government Agencies Leaked Online

June 25th, 2015 at 4:45 PM
Government Agencies Hacked Passwords

Stolen email and passwords belonging to individuals from nearly 50 Government agencies have leaked online, according to a CIA backed startup out of Boston. According to a report from Recorded Future, login credentials from 47 agencies were found to have been leaked on upwards of 89 unique domains.

Compounding matters is that 12 of the affected agencies, including the Department of Energy, do not implement two-factor authentication. As a result, the report notes that “the presence of these credentials on the open Web leaves these agencies vulnerable to espionage, socially engineered attacks, and tailored spear-phishing attacks against their workforce.”

DON’T MISS: T-Mobile’s New Uncarrier Move Kills Lump Payments, Offers iPhone 6 for $15/Month

CBS has since revealed that the 12 agencies who haven’t yet implemented two-factor authentication include “the General Services Administration, USAID, and the departments of State, Veterans Affairs, Agriculture, Housing and Urban Development, Transportation, Treasury, Health and Human Services, Energy, Interior and Homeland Security.”

In compiling their report, Recorded Future notes that they used proprietary technology to scan over 680,000 different websites across seven languages. The report details that most credentials were compromised when Federal workers logged into third-party websites using the same credentials used to log in at work.

The report reads in part:

In many cases, our research identified the immediate removal of the credentials by sites such as pastebin.com. However, to Recorded Future’s knowledge, no efforts are made to contact government agencies whose credentials may be posted on a paste site. Further, while the information may be removed from a paste site, it likely still circulates in private circles and is available to the original attackers.

What makes this report all the more worrisome is that it’s wholly unrelated to recent the hack on the Office of Personnel Management where hackers made off with the personal information of at least 4 million federal workers. The compromised data in that particular security breach included social security numbers, birth dates, addresses, job and pay history, health insurance information, and much more.

A life long Mac user and Apple enthusiast, Yoni Heisler has been writing about Apple and the tech industry at large for over 6 years. His writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and most recently, TUAW. When not writing about and analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions, the most recent examples being The Walking Dead and Broad City.




Popular News