Department of Homeland Security — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
22
occurrences
First Seen
November 3, 2025
Last Seen
July 7, 2026

Department of Homeland Security is a organization tracked across 13 threat clusters and 22 intelligence report mentions on ThreatCluster. First observed November 3, 2025; most recent activity July 7, 2026.

Related Threat Clusters

  • CISA Issues Urgent Directive to Patch Check Point VPN Vulnerability Exploited by Ransomware

    CISA has mandated federal agencies to patch a critical vulnerability in Check Point VPN products within 72 hours due to active exploitation by the Qilin ransomware group. The vulnerability, tracked as CVE-2026-42271,…

    8 articles · Updated June 9, 2026
  • CISA Contractor Exposes Sensitive AWS Credentials on Public GitHub

    A contractor for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) left a public GitHub repository named 'Private-CISA' exposed for six months, containing sensitive credentials including AWS GovCloud…

    41 articles · Updated May 19, 2026
  • Opexus Hires Twins with Criminal Past, Fails Background Check

    Opexus hired twins Muneeb and Sohaib Akhter, who had a criminal history including wire fraud and hacking the State Department. The company conducted background checks but missed key red flags from the brothers' past…

    1 article · Updated December 15, 2025
  • U.S. Army Websites Defaced in Pro-Kurdish Hacktivist Attack

    On July 6, 2026, multiple U.S. Army subdomains, including oil.army.mil and ai2c.army.mil, were defaced in a 404 hijacking campaign. The attack displayed messages denouncing President Donald Trump and supporting Kurdish…

    8 articles · Updated July 6, 2026
  • DHS Investigates Breach of HSIN Information-Sharing Network

    The Department of Homeland Security (DHS) is investigating a breach of the Homeland Security Information Network (HSIN), which occurred between late May and early June 2026. An unknown threat actor accessed the network,…

    23 articles · Updated July 1, 2026
  • Cyber Attack Disrupts ICE Personal Info Leak Site

    A website leaking personal information of ICE and Border Patrol agents, ICE List, was targeted by a cyber attack believed to be from Russia. The attack occurred after the site planned to publish the names of 4,500…

    3 articles · Updated January 14, 2026
  • Virginia Brothers Charged with Stealing and Wiping Government Databases

    Twin brothers Muneeb and Sohaib Akhter were arrested for allegedly stealing and destroying sensitive government data after being fired from their contractor positions. The brothers are accused of compromising databases…

    4 articles · Updated December 4, 2025
  • IRS Data Breach: Immigrant Information Shared with ICE

    The IRS improperly disclosed thousands of immigrants' personal information to the Department of Homeland Security (DHS). This incident stems from a data-sharing agreement established in April 2025, which aimed to assist…

    1 article · Updated February 14, 2026
  • CISA Acting Chief Uploads Sensitive Files to ChatGPT

    Madhu Gottumukkala, the acting director of CISA, uploaded sensitive government documents to ChatGPT, triggering internal cybersecurity warnings. The documents, marked 'for official use only,' raised alarms about…

    42 articles · Updated January 29, 2026
  • DHS Secretary Noem Claims Spyware Installed on Her Devices by Staff

    Homeland Security Secretary Kristi Noem has alleged that employees within the Department of Homeland Security secretly installed spyware on her government-issued devices. An investigation is currently underway to…

    15 articles · Updated February 27, 2026

Recent Intelligence Reports

  • Hacktivists call out Trump by hacking and defacing US Army websites — Techcrunch · July 7, 2026
  • DHS confirms hackers breached HSIN info — Bleepingcomputer · July 1, 2026
  • Hackers breached DHS information-sharing network, people familiar say - Nextgov/FCW — Nextgov · June 30, 2026
  • CISA orders federal agencies to patch security tools exploited by Qilin ransomware — Mezha · June 9, 2026
  • US Cybersecurity Agency CISA Left Sensitive Data Exposed — Zamin.Uz · May 19, 2026
  • US cyber agency CISA exposed reams of passwords and cloud keys to the open web — Techcrunch · May 19, 2026
  • Hacktivists claim to have hacked Homeland Security to release ICE contract data — Techcrunch · March 2, 2026
  • Noem says DHS employees secretly installed spyware on her devices — Youtube · February 27, 2026

CVSS v3.1 Breakdown