navigation-background arrow-down-circle Reply Icon Show More Heart Delete Icon wiki-circle wiki-square wiki arrow-up-circle add-circle add-square add arrow-down arrow-left arrow-right arrow-up calendar-circle chat-bubble-2 chat-bubble check-circle check close contact-us credit-card drag menu email embed facebook-circle snapchat-circle facebook-square facebook faq-circle faq film gear google-circle google-square googleplus history home instagram-circle instagram-square instagram linkedin-circle linkedin-square linkedin load monitor Video Player Play Icon person pinterest-circle pinterest-square pinterest play readlist remove-circle remove-square remove search share share2 sign-out star trailer trash twitter-circle twitter-square twitter youtube-circle youtube-square youtube

Anonymous hacks Census Bureau, exposing more feds' data

July 27, 2015 (Photo Credit: Economics and Statistics Administration)

Hackers claiming to be affiliated with Anonymous broke into a Census Bureau network and exfiltrated information on users and administrators for a non-confidential bureau database last week.

Information was stolen from Census' Federal Audit Clearinghouse, which maintains and disseminates single audits used to assess whether organizations qualify for federal assistance funding and if they are abiding by all the regulations that accompany that funding.

Related: 'State Department' email just tried to infect my computer

The hackers pulled down information on thousands of users, including emails, phone numbers, addresses, usernames and password hashes. The data includes information on Census and other federal employees, as well as members of organizations with user accounts for submitting audits to the site.

The four files were then posted on paste sites openly available on the web.

Census Bureau Director John Thompson noted that while the information was taken illegally and is considered a breach of a federal network, the compromised database did not contain any confidential data or personally identifiable information.

Related: IARPA funds program to predict next wave of cyberattacks

"While our IT forensics investigation continues, I want to assure you that at this time every indication is that the breach was limited to this database," Thompson said Friday. "The Clearinghouse site does not store any confidential household or business data collected by the Census Bureau. That information remains safe, secure and on an internal network segmented apart from the external site and the affected database."

Census security officials discovered the breach on July 22, at which point they took the site offline to investigate. The site was still down as of Monday morning.

Early investigations suggest the Clearinghouse was the only database compromised in the intrusion, with no evidence hackers were able to gain access to the Bureau's internal networks, according to Thompson.

Related: Cybersecurity package could hit Senate floor this summer

"American taxpayers and businesses entrust the U.S. Census Bureau with their information … we do not take this trust lightly and have a good record of keeping confidential information safe," he said. "The IT security office is continuing its investigation and they will further strengthen our security systems based on what they learn."

According to the hackers that posted the files on the paste sites, Anonymous attacked the Census Bureau in protest of the proposed Transatlantic Trade and Investment Partnership between the U.S. and European Union and the Trans-Pacific Partnership with countries from North America and the Pacific Rim.

Next Article