What happens when the government agencies protecting us from a cyberattack are attacked themselves? Two federal agencies are dealing with that question Monday.
The U.S. Department of Homeland Security and the FBI said Monday that they are dealing with hackers who somehow obtained personnel data on thousands of staff employees.
A spokesman for the FBI in Chicago said the bureau is aware of the hack job and that their headquarters in Washington, D.C., is handling inquiries on the case.
A cyberattack on the cyberattack police is embarrassing and potentially dangerous.
At the FBI, 20,000 employee names, job titles, email addresses and phone numbers were found on this dark Internet site called Crypto Bin, which also lists the personnel data for 9,000 homeland security employees with credit given to Palestine, Ramallah, West Bank and Gaza.
One intelligence firm that monitors foreign militia groups says a radical Palestinian group may have posted the material.
The information was first put up Sunday night after a tech website reported that anonymous hackers had the material and planned to do a data dump.
Monday night in Washington, both the FBI and Homeland Security officials acknowledge that they are looking into the "unauthorized access of a system ... containing employee contact information."
Homeland Security officials said they have no evidence that there was any breach of sensitive or personally identifiable information.
However, the easy access to this material has intelligence experts puzzled and concerned that hackers may already have obtained sensitive information and are waiting to make that public.
Whoever is behind the public release of data must find it funny. The encrypted website set up by the hackers requires a password to unlock the list of FBI and DHS names, email addresses and phone numbers.
The password is three letters long - LOL, which is computer shorthand for "laughing out loud."
Cyberattack targets both FBI, Homeland Security department