Sensitive HHS COVID-19 Emails Leaked by BreachForums Operative

🏢 Company Overview:

• Organization: United States Department of Health and Human Services (HHS)
• Division: Office of the Assistant Secretary for Preparedness and Response (ASPR)
• Function: The ASPR is responsible for preparing the nation for public health emergencies and managing the federal response to emergencies.

🕵️ Breach Details:

• Date of Incident: July 27, 2023
• Discovered By: IntelBroker (BreachForums Operative)
• Nature of Breach: Unauthorized access and subsequent leak of sensitive emails.
• Content Leaked: Internal communications, specifically Requests for Information (RFI) related to COVID-19 responses, including:
  • Subjects Discussed:
    • Wuhan Mission at Travis Air Force Base (AFB), Feb/Mar 2020
    • HHS Reports on Drug Usage for COVID-19 (2020-2021)
  • Details Shared:
    • RFI status, deadlines, event names, and specific requests for data, particularly regarding repatriated individuals from Wuhan, China, and cruise ships affected early in the pandemic.

🎭 Threat Actor Profile:

• Alias: IntelBroker
• Forum: BreachForums
• Reputation: Established member with 1,586 posts and a reputation score of 4,290.
• Motivation: While the post suggests the data is minimal and not highly sensitive, the motivation could range from demonstrating access capabilities to selling the data to interested parties.

💥 Impact Analysis:

• Potential Impact:
  • Operational Risks: The leak could expose HHS internal processes and hamper future emergency response efforts.
  • Privacy Concerns: Sensitive personal information of repatriated individuals might be at risk, though not confirmed.
  • Reputational Damage: The breach may erode public trust in HHS's ability to safeguard sensitive information.
• Affected Stakeholders: HHS personnel, repatriated individuals, and military personnel involved in COVID-19 missions.