
The U.S. Department of Homeland Security is investigating a cyberattack involving the Homeland Security Information Network, a platform used by government agencies and law enforcement to share sensitive information. The department isolated the affected systems and launched a forensic investigation after discovering the incident.
Hackers reportedly accessed HSIN servers between late May and early June 2026. DHS has not disclosed what information was accessed, whether data was stolen or how many agencies and users were affected.
An unnamed DHS spokesperson described the target as a specific, unclassified legacy information-sharing environment. The department said it had acted immediately to contain the incident, address the vulnerability and investigate its scope.
HSIN Supports Emergency and Security Coordination
The Homeland Security Information Network is DHS’s official platform for sharing sensitive but unclassified information. Federal, state, local, Tribal, territorial and international agencies use it alongside private-sector partners.
The platform supports intelligence sharing, operational planning and responses to emergencies and major events. It is currently being used to support security operations for the FIFA World Cup and America250 commemorations, according to Senator Mark Warner.
HSIN was also used during the response to the January 2025 collision between an American Airlines passenger aircraft and a U.S. Army Black Hawk helicopter near Washington, D.C. The crash killed 67 people.
A security problem in 2023 previously exposed restricted HSIN material to users who were not authorized to view it. That incident was linked to an access configuration error caused by a contractor’s coding mistake.
Senator Warns of National Security Risks
Warner, the vice chair of the Senate Intelligence Committee, said the information stored on HSIN is not classified but remains highly sensitive. He warned that its exposure could create national security risks.
In an official statement, Warner called on DHS and the Department of Justice to identify the attackers, determine what they accessed and inform affected partners. He also said DHS must examine how the breach occurred and prevent similar incidents.
The identity, affiliation and motives of the attackers remain unknown. DHS has not said when its investigation will be completed or whether it plans to notify individuals or organizations whose information may have been exposed.
Featured image credits: Isriya Paireepairit via Flickr
For more stories like it, click the +Follow button at the top of this page to follow us.
