The Department of Homeland Security is investigating a breach of its platform, which federal, state, and local governments and law enforcement use to share intelligence, with one senior lawmaker warning that the information spill could risk national security.
News sites Nextgov, which first broke news of the incident, and Bleeping Computer report that DHS officials are probing a cyberattack on its Homeland Security Information Network, or HSIN, which allows government agencies and local officials to plan, coordinate, and share information and intelligence about major events and respond to emergencies.
The hackers reportedly broke into HSIN servers during late May and early June, potentially exposing information shared using the platform, per Nextgov.
When reached by email, an unnamed DHS spokesperson said that the department is “aware of a recent cyber incident involving a specific, unclassified legacy information sharing environment.”
“We immediately took action to isolate the affected systems, mitigate the vulnerability, and launch a comprehensive forensic investigation,” said the statement. The investigation is ongoing and the spokesperson declined to comment further.
It’s unclear what data was stolen or how much was taken, and Homeland Security did not answer TechCrunch’s questions about the incident. A previously reported security lapse during 2023 revealed that HSIN contained personal information shared among law enforcement related to the surveillance of Americans.
The incident involving HSIN puts fresh scrutiny on the government’s ability to defend the cybersecurity of its own systems, following over a year of deep cuts across the federal government, including Homeland Security and its cybersecurity agency CISA, under the Trump administration.
While the intelligence shared over HSIN is unclassified, the information “is highly sensitive, and its exposure risks national security,” said Mark Warner, a Democratic senator representing Virginia who also serves as the ranking member of the Senate Intelligence Committee, in a statement.
Warner said that the HSIN platform is supporting the World Cup games currently underway in the United States, and was also used last year to manage the response to the mid-air collision of an American Airlines jetliner and a U.S. Army Black Hawk helicopter over Washington, D.C., which killed 67 people.
The identity, affiliation, and motives of the hackers who targeted HSIN are not known, but the breach marks the latest security laps …