A top Department of Homeland Security contractor is the most recent victim of data theft after hackers broke in and stole data from the company. USIS is DHS' largest provider of background checks for security clearances.
The company, USIS, said in a statement that the intrusion “has all the markings of a state-sponsored attack.”
The DHS believes that the hackers may have come away with personnel information from the department, but it doesn't know how much. All employee information is encrypted when it's sent to USIS, but it may not stay encrypted once the company has it.
Both the DHS and Office of Personnel Management have stopped all work with USIS to be safe. The DHS is now working with USIS to figure out what happened and try and track down the hackers.
The U.S. Computer Emergency Readiness Team (US-CERT), a component of DHS, is conducting an on-site assessment at USIS, including a forensic analysis. Officials said they are seeking to learn exactly what happened and who was behind the intrusion. US-CERT has also instructed the company on how to mitigate the breach, officials said.
USIS was already in hot water with the government. It recently received a $190 million contract from DHS, but is facing a whistleblower lawsuit that claims the company didn't complete 665,000 background checks for security clearances.