The US Environmental Protection Agency (EPA) has confirmed to Cybernews that it's investigating the contents of an alleged data leak posted by a known threat actor on a popular hacker forum this past weekend.
After conducting a “preliminary analysis,” the EPA said the data appears to be “business contact information already available to the public.”
The EPA said the information was previously released to provide the public “a comprehensive picture of environmental impacts.”
The agency did not mention exactly when it had made the information publicly available, but after examining a sample of the dataset, the Cybernews research team noted that the last data point in the cache dates back to 2016.
The EPA data leak was posted April 7th on BreachForums, an online marketplace where hackers buy, sell, and trade stolen data, among other items.
The EPA did not provided ay further information except to say it is “continuing its investigation into this matter.”
Known by the username “USDoD,” the threat actor claims to have three EPA database files chock full of contact information gathered from critical infrastructure facilities located all over the world.
Titled “epa.gov Database 15M,” Cybernews researchers verify that the sample provided by USDoD appears to be legitimate.
The threat actor claims the dataset holds a whopping 15 million data points on 8.5 million individuals, including names, surnames, email addresses, phone numbers, job titles, and company names.
USDoD has claimed responsibility for several high-profile hacks such as Airbus, Deloitte, NATO, CEPOL (European Union Agency for Law Enforcement Training), Europol, and Interpol.
“Incredible work, leaks like these are incredibly harmful for US government agencies i hope they take the time to seriously consider better security,” a fellow BreachForums user commented on the April 7th leak post.
More from Cybernews:
Total solar eclipse is stunning spectacle across North America
Musk: AI will be smarter than smartest human by end of next year
Ukraine’s Blackjack credited for taking down data center used by Russian military
Microsoft to open new AI hub in London
Important online privacy protection act presented in Congress
Your email address will not be published. Required fields are markedmarked