U.S. Environmental Protection Agency Hacked, Exposing Data of 8.5 Million Users

The US Environmental Protection Agency EPA is facing a major security issue that is a result of a hacker’s cyberattack which he/she is in the USDoD phony persona.

This breach however has resulted in leaking of personal and sensitive information such as that of more than 8.5 million uses which include both customers and crew members.

Breach Unveiled by The Guardian Online

The Guardian Online caught wind of the issue on Sunday, April 7, 2024. To illustrate, USDoD experienced its largest data leak in the history of attacks, affected 87,000 InfraGard participants, a highly sensitive FBI-funded security community, established to secure critical infrastructure in the U.S.

The one who hacked the EPA claim the database was successfully tampered with and every document leaked.

At this juncture, it seems that Hack Read team has detected the leaked data provided by US Department of Defense as genuine, even though, the verified verification is with the Environmental Protection Agency.

Coming across this pirated leak online there is a 500MB Zip archive sitting in three CSV files labelled “Contact”, “Inter_Contact”, and “Staff”. Forensic examination of these files gives us a lot of information and data.

Contact File (3,726,130 Records)

Zipcodes

Full names

Fax numbers

Phone numbers

Email addresses

Mailing addresses

Country, city, States

Inter_Contact File (9,952,374 Records)

Zipcodes

Full names

Phone numbers

Email addresses

Email domains

Country, City, State

Company name and address

Staff File (3,325,973 Records)

Zipcodes

Fill names

Job titles

Company names

Email addresses

Business Addresses

Phone numbers

Related industries

Country, city and States

Implications of the Breach

Taken after all the duplicates are removed, the grand total number of accounts involved rises to approximately 8, 5 million, signified by 8,460,182.

To the upside is a nice feature that we don’t have to memorise passwords.

On top of this, the information leak could be spread among the members of the Russian hacker and the cybercrime community as well, which would exacerbate the situation.

Beyond that, such exposure drastically increases chances of state-sponsored cyber espionage and makes individuals more vulnerable to ID theft or phishing attacks.

Beyond that, we can barely overlook the fact that any environmental information disclosed may include facilities or persons reporting their environmental violations which gives critical issues to think about.

These releases may together discourage the reporters from being involved in this case and eventually hinder the EPA from successfully applying the regulation.