5 High-Impact Government Data Breaches

One of the biggest banes of the internet age are data breaches. Over the years, records belonging to billions of users across the world have been exposed and aggregated on various dark web lists for sale.

However, when we hear of data breaches, we mostly think about consumer-oriented companies that hold user data and have been breached like Yahoo, Facebook, Marriot, etc. Unfortunately, governments are under just as much threat from hackers as private companies. There have been many incidents of government data breaches over the years. In this post, we take a look at 5 of the biggest government data breaches that have put our personal information at risk.

5 Massive Government Data Breaches:

1. Russia’s Federal Security Service (FSB)

As recently as July 13th, 2019, hackers with a group known as 0v1ru$ targeted the Federal Security Service (FSB) in what BBC Russia referred to as “the largest data leak in the history of the work of Russian special services on the Internet.”

The breach was aimed “Sitek” or SyTech, which is the major information technology contractor of the FSB. In the heist, the hackers managed to steal 7.4 terabytes of data. According to reports, they first broke into the active directory server of SyTech, and then the entire network.

They then shared this data with Digital Revolution, which is a bigger hacking group that had breached Quantum in 2018, another FSB contractor. Digital Revolution then shared this data with journalists in mainstream media.

This breach exposed several years-long Russian intelligence projects. These include scraping social media for user data, de-anonymizing Tor traffic, penetrating P2P networks, and even an initiative to ensure that the Russian internet could operate independently from the World Wide Web.

2. The US OPM Data Breach

In April 2015, the United States Office of Personnel Management (OPM), the agency that manages the US government’s civilian workforce, discovered that it had been hacked. Initially, they stated that the data breach had affected about four million people. The final estimate of the extent rose sharply to about 21.5 million people, which they made public in June 2015.

The data breach exposed millions of SF-86 forms belonging to federal employees as well as those seeking government security clearances. These forms contained extremely personal information used for “conducting background investigations, reinvestigations, and continuous evaluations of persons under consideration for, or retention of, national security positions.”

Some of the information exposed included residency information, employment history, education history, immediate family members, personal and business acquaintances, finances, health, and criminal history. 1.1 million fingerprints were also stolen.

Secure your data with NymGuard

Keep your personal data secure when using the web online.

Get NymGuard Now

3. The Swedish Transport Agency

In 2016, the Swedish Secret Service discovered a data breach that had happened at the Swedish Transport Agency in 2015. But unlike most data breaches, this one didn’t involve hacking or malice. The breach happened as a result of the agency mishandling the database when outsourcing a security project to IBM.

This data breach exposed and leaked top-secret information about transport systems in the government. Exposed data included time-sensitive and personal information about fighter pilots, SEAL team operators, police suspects, and people under witness relocation. The personal information about these people that was exposed included names, photos, and home addresses of millions of other civilians.

Ms. Agren, who was the head of the agency before being fired in January 2016, was fined $8,500 (half a month’s salary) for being careless with sensitive information.

4. India Aadhar

Aadhar is the national ID database of the Indian government. In 2018, the database was the victim of a huge data breach as a result of cyber-attacks and lax security protocols. This was the largest data breach ever in India, and according to the World Economic Forum, the database “suffered multiple breaches that potentially compromised the records of all 1.1 billion registered citizens.”

In January 2018, it was reported the hackers were selling access to the database at a rate of Rs500 (about 7 USD) for 10 minutes. In March of the same year, a leak at a state-owned utility company allowed anyone to download names and ID numbers.

5. The US Voter Database

In 2015, Chris Vickery, an independent computer security researcher, discovered a US voter information database that was left exposed on the open internet. This database contained records of over 191 million US voters, which was nearly all of the country’s registered voters at the time.

This database was left exposed by a firm that was working on behalf of the Republic National Committee (RNC) is an effort to elect Donald Trump in 2016. It listed personal details of voters such as home addresses and phone numbers, as well as more detailed profiling info such as religion, ethnicity, and political leaning.

A similar data breach also happened in 2017, exposing 198 million records of US voters.

What can you do?

When it comes to the government’s data security, there’s nothing much we can do as citizens. However, it’s always important to play our part in securing the data that can be stolen through our own faults. To do this, enable two-factor authentication across all your supported services, and use a secure VPN to encrypt your data in transit.

Secure your data with NymGuard

Keep your personal data secure when using the web online.

Get NymGuard Now

Comments

Get the ultimate online experience

Download our mobile App now.
IOS and Desktop versions are coming soon!