The infamous black hat hacker CyberZeist gained access to the FBI website FBI.gov and exposed data from it on Pastebin.
The leaked documents contain account information, including names, SHA1-hashed passwords, SHA1 salts, and emails.
While professionals at the FBI worked to resolve the issue, the expert provided more details about the attack.
The website administrators appear to have made some unfortunate mistakes. For instance, they left backup files on the same server, which allowed hackers to access them even if they chose not to publish them right away.
Source: https://securityaffairs.com/55042/data-breach/fbi-hacked.html
TPRM report: https://scoringcyber.rankiteo.com/company/fbi
{
  "id": "fed328131123",
  "linkid": "fbi",
  "type": "Data Leak",
  "date": "01/2017",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{'affected_entities': [{'industry': 'Law Enforcement',
                        'location': 'United States',
                        'name': 'FBI',
                        'type': 'Government Agency'}],
 'attack_vector': 'Exploiting backup files on the same server',
 'data_breach': {'data_encryption': 'SHA1',
                 'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Credentials']},
 'description': 'Data on Pastebin was exposed by the infamous black hat hacker '
                'CyberZeist, who gained access to the FBI website FBI.gov. '
                'Account information, including names, SHA1 encrypted '
                'passwords, SHA1 salts, and emails, are contained in leaked '
                'documents. While professionals at the FBI worked to resolve '
                'the issue, the expert provided more details about the attack. '
                'The website administrators appear to have made some '
                'unfortunate mistakes. For instance, they left backup files on '
                'the same server, which allowed hackers to access them even if '
                'they chose not to publish them right away.',
 'impact': {'data_compromised': ['Names',
                                 'SHA1 encrypted passwords',
                                 'SHA1 salts',
                                 'Emails']},
 'lessons_learned': 'Improper storage of backup files on the same server can '
                    'lead to data breaches.',
 'post_incident_analysis': {'corrective_actions': 'Secure backup file storage '
                                                  'practices',
                            'root_causes': 'Improper backup file storage'},
 'recommendations': 'Ensure backup files are stored securely and separate from '
                    'primary servers.',
 'threat_actor': 'CyberZeist',
 'title': 'FBI Website Data Breach by CyberZeist',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Improper backup file storage'}