A shadowy group of hackers behind a string of recent cyberattacks claimed on Monday to have breached the US Senate website and taken internal data.
The Senate Sergeant at Arms, which is responsible for congressional security, confirmed there had been an intrusion into the server hosting the public website, Senate.gov, but said no sensitive information was compromised.
The hacker group, which goes by the name of “Lulz Security,” published files online at lulzsecurity.com said to have been swiped from Senate.gov.
“This is a small, just-for-kicks release of some internal data from Senate.gov — is this an act of war, gentlemen?” Lulz Security said in a statement.
“We don’t like the US government very much,” the group added. “Their sites aren’t very secure.”
The Sergeant at Arms said Senate computer security staff had discovered an “unauthorized access” over the weekend into the server hosting Senate.gov.
“The intruder did not gain access into the Senate computer network and was only able to read and determine the directory structure of the files placed on Senate.gov,” the Sergeant at Arms said in a statement.
“That server is for public access on the public side of the Senate’s network firewall, and any files that individual Senate offices place there are intended for public consumption,” it said.
The Sergeant at Arms said the intruders took advantage of a vulnerability in a portion of the website that is maintained by an individual Senate office.
“Although this intrusion is inconvenient, it does not compromise the security of the Senate’s network, its members or staff,” the Sergeant at Arms said.
“Specifically, there is no individual user account information on the server supporting Senate.gov that could have been compromised,” it said.
The Sergeant at Arms said it would be conducting a security review of all of the sites hosted on Senate.gov.
Lulz Security, whose name is derived from the text-messaging shorthand phrase LOL, or “laugh out loud,” has claimed credit for a series of cyberattacks in recent weeks.
The targets have included Sony’s online operations, an FBI partner website, the website of videogame developer Bethesda Softworks and the website of the US non-profit Public Broadcasting Service.
