Hackers breached DHS after alerts were twice ruled “false positives”


  • An internal DHS readout shows that analysts twice dismissed intrusion alerts on the HSIN information-sharing network as false positives
  • This effectively gave hackers approximately three weeks of undetected access before a breach was declared on June 4, 2026
  • The as-yet-anonymous attackers modified server files, ran malicious code through a legitimate web server program, deleted log files, installed backdoors, and stole credential files

Hackers managed to break into the US Department of Homeland Security’s primary information-sharing platform, gaining unfettered access to the HSIN network, which hosts unclassified information that several US and international agencies rely on.

The hack allowed the attackers to modify server files, run malicious code and steal credential files, while installing backdoors and deleting logs to remove their digital footprint.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top