- The Washington Times - Friday, April 22, 2016

A security breach suffered last year by a British defense contractor compromised the personally identifiable information of hundreds of individuals with high-level security clearances, The Register reported on Friday.

Following up on an incident that came to light in November, documents obtained by Freedom of Information Act requests revealed to The Register this week that upwards of 831 members of Britain’s defense community were affected when Niteworks, a government-affiliated business networking group, was breached by hackers.

Members of the Niteworks forum received an email in November indicating hackers had attacked a database containing account information, and were told at the time that no sensitive government information had been accessed. Because organizations that work with the Ministry of Defense are obliged to immediately report “any security incident involving MoD owned, processed or generated information” to the government, The Register has since been able to acquire email exchanges detailing the scope of the breach.

According to those emails, whoever breached Niteworks subsequently accessed “the personal data of MoD and defense industrial partner staff which was limited to name, organization and email address” pertaining to the 831 account holders. Passwords were also accessed, the correspondence revealed, but were protected with strong encryption.

Although the compromised data reportedly consisted of only names, affiliations and email addresses, cybercriminals could nonetheless capitalize on a list of defense contractors by using the information to launch targeted attacks specifically crafted to be attractive to military members. The U.S. Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT, said that it was aware of nearly 100 attacks against the critical manufacturing sector in 2015 that involved the use of so-called “spear phishing” attacks directed at specific targets.

Emails “were sent to the 831 non-suspicious account addresses informing them of the breach, advising them to change passwords in any other sites using the same combination of email address and password as was used at niteworks.net and warning them of the increased likelihood of phishing attacks against their registered email address,” according to an email cited by Niteworks. Nearly half of those emails, however, were “returned as undeliverable,” suggesting whoever breached Niteworks accessed a database that was largely useless.
