DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Joint Chiefs’ email network breach was “most sophisticated” cyberbreach in US military history (UPDATE 1)

Posted on August 6, 2015 by Dissent

On July 28, CNN reported:

The unclassified email network used by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and hundreds of military and civilian personnel was taken offline over the weekend after suspicious activity was detected, the Pentagon confirmed to CNN on Tuesday.

Yesterday, The Daily Beast reported that the attack was much worse than we might have thought from initial reports:

The hacking of the Joint Chiefs of Staff email network on July 27 marked the “most sophisticated” cyberbreach in U.S. military history, Department of Defense officials concede. Various government officials are working to revamp parts of their network in response. In the meantime, officials have spent the last 10 days scrubbing the system and creating mock hacking scenarios before giving military personnel access to it again.

The attack on the Joint Staff network involved “new and unseen approaches into the network,” one of the defense officials told The Daily Beast. After scrubbing it, putting in new protections and red teaming potential attacks “ we are sharing the lessons learned with the rest of government.” According to a second defense official, the attack was a spear phishing attack targeting the personal information of scores of users. The attack was so sophisticated officials are investigating whether a “state entity” was involved, the official said.

So… is there any connection between the disclosed attack and a recently claimed Department of Defense hack by “Remember EMAD,” a group that has been described as a “joint Lebanese and Iranian effort – high likely state-backed” (Network Security Report). Since August 1, when Remember EMAD said they would be dumping data, they’ve not posted anything that I’ve found so far, but I’m wondering whether the types of files they describe would be found on the unclassified Joint Chiefs of Staff network:

– deals with contractors

– products being discussed to send overseas to various geos

– id and social security of the dod personnel involved

Just a coincidence? Maybe (probably?), but if anyone has additional details, please contact DataBreaches.net.

UPDATE 1: This attack is now being attributed to Russia. See this article on CNBC.

Category: Government SectorOf NoteOtherU.S.

Post navigation

← UK: ICO issues £180,000 civil monetary penalty in wake of data breaches
UAE banks replace credit cards after security scare →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
  • India: Servers of two city hospitals hacked; police register FIR
  • Ph: Coop Hospital confirms probe into reported cyberattack
  • Slapped wrists for Financial Conduct Authority staff who emailed work data home
  • School Districts Unaware BoardDocs Software Published Their Private Files
  • A guilty plea in the PowerSchool case still leaves unanswered questions
  • Brussels Parliament hit by cyber-attack
  • Sweden under cyberattack: Prime minister sounds the alarm
  • Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information
  • FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets
  • States sue to block the sale of genetic data collected by DNA testing company 23andMe
  • AI tools collect and store data about you from all your devices – here’s how to be aware of what you’re revealing
  • 23andMe Privacy Ombudsman Urges User Consent Pre-Data Sale

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.