Summary
Hackers successfully breached the Department of Homeland Security's HSIN information-sharing network after intrusion alerts were twice dismissed as "false positives." This allowed attackers undetected access for approximately three weeks, during which they modified server files, ran malicious code, deleted logs, installed backdoors, and stole credential files.