Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records
The Department of Homeland Security (DHS) may have been breached… with thousands of ICE contracts exposed.
A self-described hacktivist group called “Department of Peace” claims it hacked Homeland Security systems and published internal contractor records tied to ICE. The group released the data on Sunday, March 1, via a whistleblower website.
The records, hosted on the Distributed Denial of Secrets (DDoSecrets) website, identify thousands of companies connected to federal immigration enforcement contracts. Companies listed include technology firms Microsoft and Oracle. Others include data intelligence company Palantir and defense contractors Raytheon and Anduril.
The DHS has not publicly confirmed the intrusion.
Scope and substance
TechCrunch confirmed the hacktivist group claimed the records came from the DHS Office of Industry Partnership.
In a message accompanying the record release, the group cited what it described as unlawful ICE operations and said it aimed to expose companies supporting the agency. The message referenced the deaths of Alex Pretti and Renee Good, which sparked protests in Minneapolis.
“Why hack the DHS? I can think of a couple Pretti Good reasons!
I’m releasing this because the DHS is killing us and people deserve to know which companies support them and what they’re working on.”
Emphasizing the leak’s total scope, the group’s message also noted:
“I’m disclosing a list containing the details of 6,681 organizations that applied for contracts with the U.S. Department of Homeland Security.”
The leak included two different files: one listing all applicants, and a second listing only those who received contracts.
The leaked records reportedly contain several categories of sensitive data, including:
- Company names
- Company URLs
- Names of various employees and sometimes their titles
- Business and potentially personal addresses
- Employee phone numbers
- Employee email addresses
- Tax identification numbers, including employer identification numbers and potentially SSNs
- Other government contractor IDs, such as UEI numbers and CAGE codes
- Some internal comments by DHS staff regarding things like updates to the information above
Reactions so far
As of publication, the DHS hasn’t debunked or validated the hack claims. However, it’s uncertain whether the entire record came from a breach or was compiled from different online sources.
A security researcher, Micah Lee, created a GitHub page structuring the records for easy access. It offers the option to search by different filters and lists companies based on their contract amount. Cyber Apex Solutions, LLC, topped the list with the highest allocation: $70 million in total.
TechCrunch also noted that the top three companies by allocation, including DHS and ICE, have not responded to requests for comment.
Also read: In January, leaked data exposed thousands of Border Patrol and ICE agents after the Renée Good shooting.
About Author
