The United States Department of Energy (DOE) has been hacked once again. The incident has resulted in the personal details – including social security numbers – of 14,000 current and former employees being compromised.
According to The Wall Street Journal, on Wednesday, the DOE sent out emails to the impacted individuals, warning them that their personally identifiable information (PII) might have been stolen by cybercriminals in the attack that took place at the end of July.
Sources have told the WSJ that the attackers gained access to the department’s networks by hacking into a human resources computer.
The DOE is confident that no classified information has been obtained by the cybercriminals.
“The Department is strongly committed to protecting the integrity of each employee’s PII and takes any cyber incident very seriously,” the email sent out by the department reads.
“The Department’s Cybersecurity office, the Office of Health, Safety and Security and the Inspector General’s office are working with other federal law enforcement to obtain information concerning the nature of the incident. No classified data was targeted or compromised.”
Individual notifications will be sent out to current employees starting today. The notification of former employees will start sometime this week, once the DOE obtains their current contact information.
They will all be offered assistance on how to protect themselves against identity theft and one year of free credit monitoring.
This isn’t the first time the DOE is hacked this year. Back in February, the personal details of several hundred employees were compromised after a total of 14 servers and 20 workstations from the Washington headquarters were penetrated by cybercriminals.
At the time, the main suspect was China. However, experts warned that Iran was also targeting the DOE’s systems.