
8.5M User Data Leaked from a Critical Infrastructure Agency

The U.S. Environmental Protection Agency (EPA) is facing a significant security breach, carried out by a hacker operating under the alias USDoD. This alleged breach has resulted in the exposure of personal and sensitive information belonging to more than 8.5 million users, including both customers and contractors.

The data breach was brought to light on the morning of Sunday, April 7, 2024. Notably, USDoD has a history of engaging in high-profile data breaches, with previous incidents including the exposure of data from 87,000 members of InfraGard, a sensitive security program funded by the FBI and dedicated to safeguarding critical infrastructure in the United States.

“Hello Breachforums, this is your favorite TA and today I'm proud to say that I'm releasing epa.gov database of contact list. This is their entire contact of Critical Infra not only for the USA but for the entire globe.”

USDoD

Regarding the alleged data breach at the EPA, the hacker claims that they have successfully compromised and leaked the entire database of the agency. Analysis conducted by Hackread.com indicates that the data provided by USDoD appears to be legitimate; however, conclusive verification can only be provided by the U.S. Environmental Protection Agency.

Meanwhile, a review of the leaked file reveals a 500MB Zip archive containing three CSV files labelled “Contact,” “Inter_Contact,” and “Staff.” An assessment of these files reveals the presence of the following information:

Contact File (3,726,130 Records)

  • Zipcodes
  • Full names
  • Fax numbers
  • Phone numbers
  • Email addresses
  • Mailing addresses
  • Country, city, state

Inter_Contact File (9,952,374 Records)

  • Zipcodes
  • Full names
  • Phone numbers
  • Email addresses
  • Email domains
  • Country, City, State
  • Company name and address

Staff File (3,325,973 Records)

  • Zipcodes
  • Full names
  • Job titles
  • Company names
  • Email addresses
  • Business Addresses
  • Phone numbers
  • Related industries
  • Country, city and state

Following the removal of duplicate records, the total number of accounts involved in the breach stands at nearly 8.5 million, specifically 8,460,182. Hackread.com has notified the U.S. Environmental Protection Agency (EPA) and CISA regarding the data breach. Any response received from either of the agencies will lead to an update to this article.

The Good and Bad News

The good news amidst this breach is the absence of passwords. However, the seriousness of the situation can be understood by the fact that the leaked data is now circulating within Russian hacker and cybercrime forums. This development not only opens doors for state-sponsored cyber espionage but also poses serious risks of identity theft, phishing scams, and targeted marketing campaigns.

Furthermore, the exposure of information regarding facilities or individuals reporting environmental violations raises serious concerns. Such disclosures could potentially deter future reporting and impede the EPA’s effectiveness in enforcing regulatory measures.

Devastating First Quarter of 2024 for US So Far

The first quarter of 2024 has proven to be quite challenging for the United States, a nation that holds influential global power and consequently becomes an attractive target for cybercriminals. Despite ongoing efforts to strengthen its critical infrastructure, the country has faced a surge in successful cyber attacks, resulting in widespread disruption and compromise.

In January, EquiLend, a prominent financial technology firm, fell victim to a large-scale ransomware attack. It was confirmed that the incident also led to a data breach, exposing sensitive employee information.

March witnessed a cyber attack by the hacker IntelBroker against Acuity Inc., a federal contractor, resulting in the exposure of critical records belonging to U.S. Citizenship and Immigration Services (USCIS) and U.S. Immigration and Customs Enforcement (ICE). Although it initially denied the hack, Acuity Inc. eventually acknowledged it.

In February, the same hacker targeted the security of Los Angeles International Airport, compromising the personal data of 2.5 million private plane owners. Shortly thereafter, in March, American Express disclosed a significant data breach involving third-party contractors, impacting its cardholders.

The latest alleged data breach occurred on April 4, 2024, when the IntelBroker hacker leaked personal data belonging to over 22,000 Home Depot employees on BreachForums.