Exposed DHS Intel Data Data Center sensitive to thousands of unauthorized users

to divide Implementary security mandate for implementation Local monitoring It was a source of concern for privacy preachers since the organization was created for the first time in the wake of the September 11 attacks. Now, the data leakage that affects the arm of the Ministry of National Security has shed light on not only how the administration gathered and traded sensitive information – including monitoring Americans – but on how to once leave it that data exposed to thousands of workers in the government sector, and even foreign citizens who have never taught it to see it.

and DHS internal note It was obtained by a Freedom of Information Law (FOIA) requested and shared with WIRED that it reveals that from March to 2023, a DHS platform used by the Intelligence and Analysis Office of the Ministry of National Security (I & A) to exchange sensitive but not classified intelligence information, and the intelligence and investigation between DHS, FBI, the anti -terrorist center, local intelligence centers, and intelligence centers in the United States. platform.

Data accessed, according to the DHS described in the memo, was supposed to be limited to the users of the Intelligence Department of the Internal Security Information Network, known as HSIN-Intel. Instead, he was appointed to grant access to “everyone”, exposing information to tens of thousands of HSIN users. Among the unauthorized users who managed to reach US government workers focus on areas unrelated to intelligence or law enforcement such as response to disasters, as well as private sector contractors and foreign government employees with the possibility of access to HSIN.

“DHS announces HSIN as safe and says the information she keeps is sensitive and decisive information for national security,” says Spencer Reynolds, the lawyer of the Brennan Center for Justice who obtained the memo via FOIA and its participation with Wire. “But this incident raises questions about their seriousness of information security. Thousands and thousands of users have access to information that they were never supposed to be.”

HSIN-Intel data includes everything starting from customers expected in law enforcement and advice to reports on foreign penetration and misinformation campaigns, and analysis of local protest movements. The memorandum on HSIN-Intel is specifically mentioned, for example, a report discussing “protests related to the police training facility in Atlanta”-so well, the COP COP protests that oppose the establishment of the General Safety Training Center in Atlanta-which does not focus on “media procedures such as stones such as musical stones and Molotov.

In total, according to a memorandum on DHS internal investigation, 439 I & A on the HSIN-Intel part of the platform was incorrectly reached 1525 times. Among those unauthorized cases, the report found that 518 private sector users and 46 other citizens of the United States. The arrival of foreign user “almost” focused on cybersecurity, the memory of the report, and 39 percent of all incorrectly accessible intelligence products, which include cybersecurity, such as the groups of infiltrators sponsored by the foreign state and foreign targeting of government information technology systems. The memorandum also noted that some unauthorized American users who have seen the information will be eligible to access the restricted information if they asked to consider the mandate.

“When this coding error was discovered, I immediately identified the problem and investigated any possible damage,” an internal security spokesman said in a statement. “After an intensive review, multiple supervision bodies decided that there was no effective or dangerous security breach. The Ministry of National Security takes all security and privacy measures seriously and is committed to ensuring their intelligence with partners from the federal, local, tribal, regional, and private sectors to protect our country from the numerical threats we face.”