
In 2020, the US Census Bureau was afflicted by a data breach which would have allowed the attacker to modify its records. While the breach is not believed to have allowed the attacker to extract any data, and the investigation into the incident did not provide any evidence indicating that the information had been stolen, it did make the system to remote modification. Given the importance of the census in the federal government’s planning, such modification would have been disasterous.
The attacker’s access, which was through an unpatched vulnerability on the US Census Bureau’s remote servers, was discovered and removed before any records could be changed. While undeniably a good outcome, a report by a government investigator determined that this situation never should have occured in the first place, as the US Census Bureau had failed to patch its servers on multiple occaisions and those servers were not linked to the event monitoring software which would have detected the intrustion.
The investigation went on to find that after discovering and patching the vulnerability, the US Census Bureau failed to hold any formal debrief on the incident despite its seriousness. While this incident was resolved without serious damage, it should serve as an important reminder to ensure that devices are kept updated and that your security perimeter includes every platform.