A major cybersecurity breach at the Federal Emergency Management Agency exposed employee data from both FEMA and U.S. Customs and Border Protection, according to Nextgov/FCW.The attack began June 22 when hackers exploited compromised credentials to access FEMA's Citrix virtual desktop infrastructure, later exfiltrating data from Region 6 servers, which oversee five southern states and nearly 70 tribal nations.The Department of Homeland Security said FEMA's IT staff had failed to enforce basic protections such as multi-factor authentication, fix critical vulnerabilities, and address known risks, which led to their dismissal on Aug. 29. DHS Secretary Kristi Noem accused senior FEMA technology officers of resisting audits and misleading officials.The flaw, linked to the CitrixBleed 2.0 vulnerability, has been widely publicized for allowing attackers to bypass authentication controls. FEMA has since overhauled its IT structure, naming acting CIO Diego Lapiduz to lead recovery efforts while additional security measures and staff restructuring are underway.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



