The U.S. Department of State is currently investigating a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor, Acuity, a technology consulting firm. The leaked data reportedly contains classified information belonging to the Five Eyes intelligence alliance, including personal information of government, military, and Pentagon employees.
The threat actor, known as IntelBroker, has been leaking data since December allegedly stolen from various government agencies, including ICE & USCIS, the Department of Defense, and the U.S. Army. IntelBroker gained notoriety after breaching DC Health Link, exposing personal data of 170,000 individuals, including members and staff of the U.S. House of Representatives.
The leaked data from Acuity includes full names, emails, office numbers, and personal cell numbers of government employees. IntelBroker has shared screenshots of some stolen documents but has not disclosed the method used to obtain them. The State Department is currently investigating the incident and takes its responsibility to safeguard information seriously.
It is not known if the recent incidents are related to the Five Eyes data leak, but there seems to be an overlap in the leaked data. NSA and Acuity spokespersons were not immediately available for comment, and CISA declined to comment on the matter. The cybersecurity community is closely monitoring the situation as more information unfolds.