About 47 government officials in the United States are victims of stolen log-in details to confidential websites. A security company in the US found the details leaked in public sites.
Some of the sites, in which the details have been found, are Malware-infected. Others, like Pastebin, are databases for hackers. Threat intelligence security company Recorded Future said that as of the moment, it cannot determine whether the credentials are active or not.
"Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains," it stated in its blog. The company has since called out to the government to implement some changes in accessing intelligence accounts.
To make the system more secure, BBC reported that Recorded Future recommended that the government implement a two-component log in for its staff, which only allows remote access to private government sites.
The government officials may have used the same log in details to access public sites. This is viewed as the most likely cause of the stolen credentials. The log in and passwords might also have been used to navigate malware-infected and hacked sites.
Recorded Future senior analyst Scott Donelly expressed his dismay by saying government and intelligence agencies just do not implement necessary changes for better security. The company's official report cited finding 705 emails and log in credentials, all originating from government agencies and stated that it generally scans 680,000 websites yearly.
Credentials were found to also come from the CIA and National Intelligence. Some of the log in details were reportedly connected to the departments of defense, justice, energy, and treasury, BBC reports.
Early this month, the federal government reported a massive hacking incident. Millions of employee data were exposed. It was believed to be done by Chinese hackers, as a virtual terrorist attack against the United States.
Over the last two months, other data breach incidents have been reported. Last April, the White House passed the Cyber Security Bill, a counter measure against the recent computer attacks.
