In a recent cyber incident, a threat actor operating under the alias USDoD has allegedly disclosed a breach affecting the epa.gov domain, housing the U.S. Environmental Protection Agency (EPA) database. According to the claims made by the threat actor, this breach extends beyond national borders, encompassing critical infrastructure contacts on a global scale. The compromised data, said to be contained within three database files archived in a ZIP container, reportedly amounts to a staggering 15 million records, with an uncompressed file size of 3GB in CSV format.
The gravity of this breach is underscored by the diverse range of fields included in the leaked data. From registry IDs to contact details like full names, titles, phone numbers, email addresses, and mailing addresses, the compromised information poses significant privacy and security concerns for both individuals and organizations listed in the database. Moreover, the leaked data includes details such as program system acronyms, affiliation types, and geographical information like city names, state codes, and country names.
An examination of the leaked data reveals a 500MB ZIP archive comprising three CSV files titled “Contact,” “Inter_Contact,” and “Staff.” After deduplicating the records, the count of affected accounts stands at nearly 8.5 million.
With such comprehensive data exposed, the breach raises grave concerns regarding potential misuse, identity theft, and targeted attacks against individuals and organizations within the compromised database. Additionally, the scale and scope of the breach raise questions about the security measures in place to safeguard critical infrastructure data, not only within the United States but across international borders.