Cybersecurity

Is public growing 'desensitized' to breaches?

smiley face

The Census Bureau was hacked.

Does anyone care?

Activist group Anonymous took credit for the breach in a July 22 tweet, sending out links to a data trove that appears to contain federal employee names, email addresses, and phone numbers, along with password hashes and security question answers.

The British International Business Times reported on the breach on July 23, and a handful of other news sites have followed suit.

The Census Bureau insists the breach is not that severe, acknowledging “unauthorized access” to its systems but telling IBTimes the data taken was “non-confidential” and that it came from “an external system that is not part of the Census Bureau internal network.”

A bureau statement said access to that external system has been restricted as the incident is investigated.

“Security and data stewardship are integral to the Census Bureau mission,” the statement said. “We will remain vigilant in continuing to take every necessary precaution to protect all information.”

Census Bureau spokespersons did not respond to multiple requests for comment on July 24.

Monzy Merza, chief security evangelist for operational intelligence software firm Splunk, said the situation demonstrates a worrisome trend: In the wake of the massive Office of Personnel Management breaches, which exposed the sensitive personal information of more than 22 million people, people just don’t take as much notice of smaller hacks.

“[M]y real concern is that [the OPM breaches] desensitized the public and government officials to smaller but still damaging breaches like the attack on the Census Bureau,” Merza said.

That desensitization needs to change, he said.

“The lesson from the breaches at the Census Bureau and OPM is the same: Organizations need to understand who is accessing their networks, from where and for how long,” Merza said. “We do not know all the details of the Census Bureau attack or what the ultimate goal of the breach was, but it is clear that we must ensure that our government has the right budget, tools and personnel to continuously defend our networks from all adversaries.”

About the Author

Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.

Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.

Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.

Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.