Powered by MOMENTUMMEDIA
For breaking news and daily updates, subscribe to our newsletter

DHS confirms cyber incident on information sharing platform

The US Department of Homeland Security (DHS) has confirmed that a cyber attack has impacted its information sharing platform.

Thu, 02 Jul 2026
DHS confirms cyber incdent on information sharing platform

As initially reported by Nextgov, an unknown threat actor launched a cyber attack on the Homeland Security Information Network (HSIN), which is an information-sharing network used for sharing sensitive data with federal, state and local government and their private sector partners.

The incident was believed to have taken place between late May and early June, according to anonymous sources speaking to media.

“The Department of Homeland Security is aware of a recent cyber incident involving a specific, unclassified legacy information sharing environment,” a DHS spokesperson told Nextgov.

 
 

“We immediately took action to isolate the affected systems, mitigate the vulnerability, and launch a comprehensive forensic investigation.

“There is no indication that classified networks were impacted, and the system remains operational for our partners. As this is an ongoing investigation, we cannot provide further operational details at this time."

According to the report, the threat actors, which were not named, targeted the HSIN servers as well as a SharePoint network used for collaboration.

Approved users of the HSIN are able to access data, manage operations, respond to incidents, share critical data for community protection, exchange requests with partner agencies and coordinate security. It's also used to share data about potential threats, persons of interest and is capable of real time information sharing and communication.

With the FIFA World Cup being hosted by the US, Nextgov expressed concern that the incident could expose agency collaboration, and security planning, as well as incident response measures.

This is the second security incident the HSIN has suffered in recent history, after an access misconfiguration following a contractor’s coding error caused sensitive HSIN data being exposed to unauthorised users back in 2023.

This allowed users with any permissions to see data that was restricted for a select few. According to a source seen by Nextgov, the consequences of the incident are still unclear.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.
Tags:

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.