[ISN] Dept. Of Energy Breach: Bigger Than We Realized

http://www.informationweek.com/security/attacks/dept-of-energy-breach-bigger-than-we-rea/240162952 By Mathew J. Schwartz InformationWeek October 22, 2013 The Department of Energy has revised its count of the number of people whose information was compromised in a July 2013 intrusion that resulted in the theft of personal information. “The department has now identified approximately 104,179 past and current federal employees, including dependents and contractors, whose name, social security number, and date of birth were compromised by this cyber incident,” says a July 2013 Cyber Incident FAQ released by the agency’s Office of the CIO. That data breach victim count more than doubles the number of records that the agency previously thought might have been compromised. Of the people affected, “64,480 are personnel within our direct DOE Federal and M&O [management and operating] Contractor Community, including spouses, dependents, and former employees,” according to a memo distributed to DOE employees on Oct. 11, 2013. “The remainder are personnel from other federal agencies and support contractors.” The memo further disclosed that 2,800 employees who have their DOE salary directly deposited into their bank account had that bank account number compromised as well. The agency said it’s been able to notify most