(Removes inaccurate statement in penultimate paragraph saying
USIS could not be reached. A representative for the company
By Jim Finkle and Mark Hosenball
BOSTON/WASHINGTON Aug 22 A cyber attack at a
firm that performs background checks for U.S. government
employees compromised data of at least 25,000 workers, including
some undercover investigators, and that number could rise,
agency officials said on Friday.
The breach at Falls Church, Virginia-based US Investigations
Services (USIS) exposed highly personal information of workers
at the Department of Homeland Security's headquarters as well as
its U.S. Immigration and Customs Enforcement and U.S. Customs
and Border Protection units, two officials familiar with the
investigation into the breach told Reuters.
Some employees have already received letters warning them
about the breach that say compromised information includes
Social Security numbers, education and criminal history, birth
dates along with information about spouses, other relatives and
friends including their names and addresses.
"Records including this data were exposed to unauthorized
users during the cybersecurity intrusion," according to a
notification letter obtained by Reuters. "We do not yet know
whether the data was actually taken."
One DHS official told Reuters the agency has identified some
25,000 employees whose information it believes were exposed in
"More could be notified in coming weeks as we learn more
about the breach," said the official, who asked not to be
identified by name.
The company disclosed the attack earlier this month, but did
not say how many records had been compromised or which agencies
were affected. It did say the intrusion has "all the markings of
a state-sponsored attack."
While the number of employees affected is relatively small
compared to breaches at retailers such as Target Corp,
which have affected tens of millions of customers, security
experts say the attack on USIS is nonetheless quite serious.
Files on background checks contain highly sensitive data
that foreign intelligence agencies could attempt to exploit to
intimidate government workers with access to classified
"They would be collecting this data to identify individuals
who might be vulnerable to extortion and recruitment," said
Dmitri Alperovitch, chief technology officer with cybersecurity
firm CrowdStrike, which sells intelligence on state-sponsored
The Department of Homeland Security has suspended all work
with USIS since the breach was disclosed and the FBI launched an
USIS says it is the biggest commercial provider of
background investigations to the federal government, with over
5,700 employees, and provides services in all U.S. states and
territories, as well as abroad.
A spokeswoman for Altegrity, which owns USIS, declined
comment. Altegrity is majority owned by Providence Equity
(Reporting by Jim Finkle in Boston; Additional reporting by
Mark Hosenball; Editing by Meredith Mazzilli, Leslie Adler, Tom
Brown and Frances Kerry)