Hackers breached DHS after alarms were twice ruled 'false positives'
- An internal DHS readout shows analysts twice dismissed intrusion alerts on the HSIN information-sharing network as false positives
- This effectively gave hackers roughly three weeks of undetected access before a breach was declared on June 4 2026
- The as-yet anonymous attackers altered server files, ran malicious code through a legitimate web-server program, deleted logs, installed backdoors, and stole credential files
Hackers managed to find their way into the US Department of Homeland Security's primary information sharing platform, gaining unfettered access to the HSIN network that hosts unclassified information that multiple US agencies and international rely on.
The hack allowed the attackers to modify server files, run malicious code and steal credential files while installing backdoors and deleting logs to remove their digital footprint.
Their movements were flagged twice by automated systems and analysts in May 2026, before being dismissed as a false positive each time before an active breach was...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE