The US Census Bureau Director, John H. Thompson, revealed on Friday that his institution experienced a data breach the past week, but no sensitive or private information was leaked.
On a post on the bureau’s blog penned by Mr. Thompson himself, he revealed how attackers got access to an external facing database belonging to the Federal Audit Clearinghouse.
This database contained details about the names of the person submitting information to the US Census Bureau, organization addresses, phone numbers, usernames, and other types of data the bureau did not consider confidential.
Regarding private information collected from US citizens and businesses, Mr. Thompson said, “That information remains safe, secure and on an internal network segmented apart from the external site and the affected database. Over the last three days, we have seen no indication that there was any access to internal systems.”
The group Anonymous Operations is to blame for the attack
The breach was announced on Twitter by a hacker group calling itself Anonymous Operations and was carried out in protest to the TTIP (Transatlantic Trade and Investment Partnership) and TTP (Trans-Pacific Partnership) trade agreements.
The tweet also contained a link to their own website, where four other URLs linked to the info obtained in the data breach.
The nationality of the hackers is unknown, but their anger against the TTP and TTIP agreements should narrow down the search.
While not as severe as other attacks on US government bodies, the bureau’s IT staff took the servers offline within 90 minutes after having found out of the attack, and this is how they’ll remain until their investigation completes.
From initial findings, “it appears the database was compromised through a configuration setting that allowed the attacker to gain access to the four files posted to the hacker’s site,” said Mr. Thompson.