USAGM Suffered a Data Breach
The US Agency for Global Media is a government agency that runs several state-run media outlets like Radio Free Europe, Voice of America, Radio Free Asia, Office of Cuba Broadcasting, and Middle East Broadcasting Networks. It strives to “inform, engage, and connect people around the world in support of freedom and democracy.” As per a notification shared by former Voice of America White House correspondent Dan Robinson, the USAGM has suffered a data breach incident last December after falling for a phishing attack. This led the attackers to breach the staff email and access personal details of USAGM’s current and former employees, especially from the Voice of America and Office of Cuba Broadcasting branches. Breached data include full names and social security numbers of the employees of USAGM from 2013 to 2020, the names and SSNs of their beneficiaries and dependents. After learning about the breach, USAGM started educating its employees about phishing attacks and setting MFA to the agency’s SharePoint, Office 365, and OneDrive accounts. Also, it’s offering a one-year Experian IdentityWorks subscription to those affected for monitoring any suspicious identity attacks. While it’s taking remedial steps now, it may be so late. The agency started informing the employees after four months of experiencing the attack. Thus the attacker could have already started his malicious operations. These could be more impersonating attacks or just selling the whole database (if stolen) on the dark web to let others do other malicious operations.