The United States State Department was the latest federal body to fall prey to a cyberattack and notifications of a potentially serious breach were made by the Department of Defense Cyber Command, according to US media reports.

“The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a department spokesperson said, according to Fox News. “For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.”

ALSO READ | Pegasus row: Why commercialisation of digital surveillance is a problem

Reportedly, the breach is believed to have occurred weeks ago, however, it’s unclear when it was first discovered. Nothing has also been specified about the extent of the breach and whether or not there is any ongoing risk to operations is also unclear.

A source familiar with the mass evacuation of thousands of Americans and Afghans from Kabul told Fox News that ‘Operation Allies Refuge’ has “not been affected”.

Meanwhile, a knowledgeable source told Reuters that the State Department has not experienced significant disruptions and has not had its operations impeded in any way.

The recurrence of such cyberattacks in the United States has increased manifold in the last year. The most recent ransomware attacks targeting United States-based organisations include the Colonial Pipeline attack in early May this year, the attack on meat-producing company JBS and the SolarWinds attack.

Additionally, the news of the breach comes just weeks after a Senate Homeland Security Committee report rated the department’s overall information security program as a “D” – the lowest possible rating within the federal government’s model, according to Fox News.

ALSO READ | Kaseya ransomware attack: Hackers demand $70 million ransom

According to the report, the department’s security is “ineffective in four of five function areas,” and “sensitive national security information” is at risk.

The committee’s investigation highlighted that names, dates of birth, and social security numbers utilised for passport screening were among the sensitive information.

“Auditors identified weaknesses related to State’s protection of sensitive information and noted the Department ‘did not have an effective data protection and privacy program in place’,” the committee said, according to Fox News reports.

Furthermore, the Senate report earlier this month noted that the State Department did not perform timely and required security assessments that were also addressed in a 2015 Inspector General report. 

According to the study, the department’s security is “ineffective in four of five function areas,” and “important national security information” is in danger.