Hackread reports that the U.S. Environmental Protection Agency had data from almost 8.5 million individuals exposed following a major data breach claimed to have been conducted by threat actor USDoD.
USDoD disclosed that it was able to infiltrate the EPA and leak the agency's entire database that had the personal and sensitive files from its customers and contractors, including full names, email addresses and domains, company names and addresses, job titles, and ZIP codes, among others.
While the exposed data was noted by Hackread to be legitimate, there has been no confirmation yet from the EPA, which was already informed regarding the breach along with the Cybersecurity and Infrastructure Security Agency.
Such an incident is feared to not only result in state-backed cyberespionage operations but also reduced reporting of environmental violations to the EPA. The attack also comes after significant data breaches impacted EquiLend, Acuity, American Express, and the Los Angeles International Airport.