Bad actors gain access to DEA key systems

Bad actors gain access to DEA key systems

https://www.cpomagazine.com/cyber-security/data-breach-on-dea-law-enforcement-system-grants-cyber-criminals-access-to-16-databases/

Exploit: Hacking
The U.S. Drug Enforcement Agency (DEA): Federal Government Agency

risk-to-business-img-r1

Risk to Business: 1.763 = Severe

Officials are investigating a potential breach that could allow bad actors to access key systems used by law enforcement agencies in the U.S. A tip pointed officials to information that the LAPSUS$ hacking group may have gained access to the esp.usdoj.gov data portal, the Law Enforcement Inquiry and Alerts (LEIA) system, the U.S. Drug Enforcement Agency (DEA)’s El Paso Intelligence Center (EPIC) and other DEA systems. That unauthorized access may be used by cybercriminals in myriad ways including for impersonation efforts and doxing, as well as affording the bad guys the opportunity to search databases and to obtain sensitive data. 

Qualys-server-exploited-to-steal-financial-files-img3

Individual Impact:

No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: This kind of access and information in the wrong hands could be beneficial to cybercriminals including nation-state actors.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.