A yearlong probe into computer fraud at an immigration application processing center uncovered multiple incidents of internal hacking where staff accessed management-level emails and other confidential files, according to Homeland Security Department interviews, network analyses and internal emails obtained by Nextgov.
The investigation began in January 2008, when officials at U.S. Citizenship and Immigration Services, which is part of Homeland Security, reported to the department’s inspector general that numerous personnel had violated federal security rules at the agency’s Texas Service Center, one of four regional centers that handle a variety of immigration-related petitions and applications. According to the materials obtained, employees and supervisors abused system logon privileges, gained unauthorized access in some instances and then allegedly sabotaged audit logs to leave behind no traces of their illicit activities. IG papers list the redacted names of 17 subjects of the investigation, all of whom were information technology specialists.
The evidence of breaches at the center is the latest revelation of insider threats at USCIS. With their ill-gotten access rights, the Texas personnel were capable of, for example, granting citizenship rights, as well as reading files containing sensitive information on contract awards, immigration reform or other policy formulations, say former USCIS IT officials there at the time.