DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Joint Chiefs’ email network breach was “most sophisticated” cyberbreach in US military history (UPDATE 1)

Posted on August 6, 2015 by Dissent

On July 28, CNN reported:

The unclassified email network used by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and hundreds of military and civilian personnel was taken offline over the weekend after suspicious activity was detected, the Pentagon confirmed to CNN on Tuesday.

Yesterday, The Daily Beast reported that the attack was much worse than we might have thought from initial reports:

The hacking of the Joint Chiefs of Staff email network on July 27 marked the “most sophisticated” cyberbreach in U.S. military history, Department of Defense officials concede. Various government officials are working to revamp parts of their network in response. In the meantime, officials have spent the last 10 days scrubbing the system and creating mock hacking scenarios before giving military personnel access to it again.

The attack on the Joint Staff network involved “new and unseen approaches into the network,” one of the defense officials told The Daily Beast. After scrubbing it, putting in new protections and red teaming potential attacks “ we are sharing the lessons learned with the rest of government.” According to a second defense official, the attack was a spear phishing attack targeting the personal information of scores of users. The attack was so sophisticated officials are investigating whether a “state entity” was involved, the official said.

So… is there any connection between the disclosed attack and a recently claimed Department of Defense hack by “Remember EMAD,” a group that has been described as a “joint Lebanese and Iranian effort – high likely state-backed” (Network Security Report). Since August 1, when Remember EMAD said they would be dumping data, they’ve not posted anything that I’ve found so far, but I’m wondering whether the types of files they describe would be found on the unclassified Joint Chiefs of Staff network:

– deals with contractors

– products being discussed to send overseas to various geos

– id and social security of the dod personnel involved

Just a coincidence? Maybe (probably?), but if anyone has additional details, please contact DataBreaches.net.

UPDATE 1: This attack is now being attributed to Russia. See this article on CNBC.

No related posts.

Category: Government SectorOf NoteOtherU.S.

Post navigation

← UK: ICO issues £180,000 civil monetary penalty in wake of data breaches
UAE banks replace credit cards after security scare →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked
  • Hunters International to provide free decryptors for all victims as they shut down (2)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.