June 21, 2024 at 06:39AM
The US cybersecurity agency CISA has notified participants of the CFATS program that personal information and user accounts may have been compromised following a hack of the CSAT. The incident, considered “a major incident”, potentially impacts over 100,000 individuals. While CISA found no evidence of data exfiltration, some information may have been accessed by the hackers. CISA urges impacted individuals to reset their passwords and is requesting chemical facilities to notify affected people of the potential data breach.
The meeting notes provide a detailed account of the hacking incident at the US cybersecurity agency CISA involving the Chemical Security Assessment Tool (CSAT) and the potential impact on the participants of the Chemical Facility Anti-Terrorism Standards (CFATS) program. The hackers exploited an Ivanti Connect Secure appliance zero-day to access CISA’s tool, potentially accessing personal information and user accounts for more than 100,000 individuals. CISA has not found evidence of data exfiltration from its systems but indicates that some information may have been accessed. The potentially compromised information includes personally identifiable information (PII), CSAT user account details, and information related to chemical facilities such as names, addresses, and security features. CISA is taking steps to notify and support the affected individuals and organizations, and individuals with CSAT accounts are encouraged to reset their passwords.