The State Department is the latest to fall victim to a cyber-attack and notifications of a possible serious breach were made by the Department of Defense Cyber Command, a source told Fox News Saturday.
It remains unclear if any department operations were affected by the breach, but a source familiar with mass evacuation of thousands of Americans and Afghans from Kabul said Operation Allies Refuge has “not been affected”.
The extent of the breach and the perpetrators behind the attack remains unclear at this time.
“The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a department spokesperson told Fox News. “For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”
The exact timing of the breach is still unknown, along with whether there were any efforts made to mitigate such an attack.
The news of the breach comes just weeks after a Senate Homeland Security Committee report rated the department’s overall information security program as a “D” – the lowest possible rating within the federal government’s model.
The report found the department’s security to be “ineffective in four of five function areas” and highlighted the fact that “sensitive national security information” was at risk.
Names, dates of birth, and social security numbers used for passport vetting were among the sensitive information the committee’s report noted.
“Auditors identified weaknesses related to State’s protection of sensitive information and noted the Department ‘did not have an effective data protection and privacy program in place’,” the committee said.
The Senate report earlier this month also noted that the State Department did not perform timely and required security assessments that were also addressed in a 2015 Inspector General report.