It’s now believed, CyberScoop reports, that six US Federal civilian agencies have been affected by the DNS-hijacking campaign that prompted the Department of Homeland Security to issue Emergency Directive 19-01 this week. Representative James Langevin (Democrat of Rhode Island) has asked the Department to brief the House Homeland Security Committee on the matter. Private security firms, FireEye prominent among them, have said they see signs of Iranian sponsorship of recent DNS-hijacking campaigns.
BuzzFeed reports that the Integrity Initiative, a project of the Institute for Statecraft (a British think tank) has apparently been hacked, with stolen material appearing in Russian outlets Sputnik and RT, framed in stories alleging the Initiative's role in fomenting anti-Russian sentiment. The Integrity Initiative has devoted considerable attention to exposing Russian information operations. The UK's National Cyber Security Centre and others are examining the Initiative's servers and its employees' devices for evidence of compromise. Suspicion, on grounds of motive and a priori probability, has turned toward Moscow, but the investigation is still young, and the Integrity Initiative has taken its content offline until further notice.
Researcher Bob Diachenko has provided details on the exposure of more than 24 million financial and banking documents in an unsecured Elastisearch database. The documents, mostly pertaining to loans and mortgages from large US banks, were exposed, TechCrunch says, by a third-party document management vendor widely used by the financial industry.