fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Former DHS Official Charged with Stealing Govt Employees’ PII

Former DHS Official Charged with Stealing Govt Employees’ PII

A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees’ personal identifying information (PII).

61-year-old Charles Kumar Edwards coordinated the scheme while working for DHS-OIG (Department of Homeland Security, Office of Inspector General) as an employee and a former acting inspector general between February 2008 and December 2013.

Before working at DHS-OIG, Edwards also worked at the Transportation Security Administration (TSA) and the U.S. Postal Service – Office of Inspector General (USPS-OIG), according to the indictment.

While working at these government agencies, the defendant had access to multiple software systems and sensitive government databases that held sensitive personally-identifying information of DHS and USPS employees.

In September 2015, “after leaving DHS-OIG, Edwards founded Delta Business Solutions Inc., located in Maryland,” a Department of Justice press release published today says.

Also Read: 7 Key Principles of Privacy by Design that Businesses should adopt

“From at least 2015 until 2017, he stole software from DHS-OIG, along with sensitive government databases containing personal identifying information of DHS and USPS employees, so that his company could develop a commercially-owned version of a case management system to be offered for sale to government agencies.”

PII of hundreds of thousands of DHS employees stolen

Two other defendants, former DHS-OIG IT Specialist Murali Yamazula Venkata and Enterprise Applications Branch Chief in DHS-OIG’s IT division Sonal Patel, allegedly stole copies of database files containing the PII of roughly 246,167 DHS employees and around 6,723 USPS employees.

The PII was copied from DHS-OIG’s EDS system, DHS-OIG’s EDS source code, including an eSubpoena module, DHS-OIG’s database, and USPS-OIG’s STARS database and PARIS system.

The conspirators also purportedly misappropriated a key management services code and multiple activation keys associated with various Microsoft software products.

The stolen PII and Microsoft keys and code were then delivered to Edwards after leaving his employment with the DHS-OIG.

Edwards was also given copies of DHS-OIG and USPS-OIG documents and information that would help him develop a private, commercially-owned version of a case management system to be offered for sale to government agencies.

Also Read: 6 Simple Tips on Cyber Safety at Home

“Defendant EDWARDS used, possessed, and transferred stolen DHS-OIG and USPS-OIG documents and information, including PII of DHS and USPS employees, to software developers in India who were assisting Defendant EDWARDS with the creation and development of a private, commercially owned version of a case management system to be offered for sale to government agencies for the benefit, enrichment, and profit of Defendant EDWARDS and his business DB,” according to court documents.

“Defendants EDWARDS and VENKATA and Patel concealed their theft and the provision of software, source code, databases, documents, information, and PII to Defendant EDWARDS by arranging roadside meetings to pass media and equipment to Defendant EDWARDS, by emailing documents to their personal email accounts before forwarding them on to Defendant EDWARDS, and by concealing from DHS-OIG employees the purpose of their request for software.”

Edwards has pleaded guilty in the U.S. District Court for the District of Columbia to conspiracy to commit theft of government property and theft of government property. He will be sentenced at a later date.

A federal district court judge will decide a sentence for Edwards after considering US sentencing guidelines and other statutory factors.

56-year-old Venkata, his co-conspirator, has pleaded not guilty to the charges and his case is still pending.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us