Hackers from the amorphous cyber-crime collective Anonymous claim to have leaked the data from 4,200 United States Census Bureau files.
— Anonymous Operations (@AnonOpsSE) July 22, 2015
The group claims to be upset about certain provisions within the Trans-Pacific Partnership and Transatlantic Trade and Investment Partnership free trade agreements, and leaked the data to protest it. Specifically, the collective worries that civil liberties, such as freedom of speech, will be abridged as a result of more strident intellectual property regulations contained within the deals.
The hackers stole and published information like usernames, e-mails, office phone numbers, and other data related to the government workers.
Although the information of non-government civilians was not compromised in this particular hacking, it is possible that the weakness exploited by Anonymous could be exploited by other malicious actors to steal other data.
This cyber-attack comes several weeks after the federal Office of Personnel Management revealed it was hacked by foreign agents.
The Census Bureau has issued a statement in response to the hacking: “The U.S. Census Bureau is investigating an IT security incident relating to unauthorized access to non-confidential information on an external system that is not part of the Census Bureau internal network. Access to the external system has been restricted while our IT forensics team investigates,” a Census Bureau representative said. “Security and data stewardship are integral to the Census Bureau mission. We will remain vigilant in continuing to take every necessary precaution to protect all information.”
In a blog post published on July 24, the Census Bureau director John H. Thompson explained how Anonymous got the data: “It appears the database was compromised through a configuration setting that allowed the attacker to gain access to the four files posted to the hacker’s site. The hackers acquired the data illegally,” he said.
“Within 90 minutes of learning of the breach, we made the system inaccessible. It will remain offline until we can complete our thorough investigation and take steps to ensure the systems integrity in the future,” the post also explained.
Anonymous, the hacking group behind the Census Bureau attack, is known for being highly disorganized. There is no real organizational structure to join, and most self-identified Anonymous members simply claim to be connected to the collective in order to become members, making it difficult for authorities to track them.