Technology

DHS investigates breach of Homeland Security Information Network

Intelligence sharing platform supports World Cup operations, unclassified systems still carry operationally sensitive data

Images

Zack Whittaker Zack Whittaker techcrunch.com

The US Department of Homeland Security is investigating a breach of its Homeland Security Information Network, a platform used by federal, state and local agencies to share intelligence and coordinate responses to emergencies. According to TechCrunch, the intrusion occurred in late May and early June, and may have exposed information shared on the system; DHS has not said what was taken.

HSIN sits in the unglamorous middle layer of government operations: not a consumer app, but the kind of shared workspace agencies lean on when something goes wrong. TechCrunch notes it is currently supporting World Cup games in the United States, and that it was used last year to manage the response to a mid-air collision over Washington involving an American Airlines jetliner and a US Army helicopter. That means the system’s value is less about classification stamps than about timeliness and context—who is responding, what is being seen on the ground, and what other agencies are doing.

The breach lands against a backdrop of repeated federal cyber lapses that do not look like a single technical flaw so much as a pattern of weak operational control. TechCrunch lists other incidents since the Trump administration took office in January 2025, including the use of unauthorized apps for sensitive discussions and a public spill of passwords and credentials caused by a contractor. In that environment, “unclassified” becomes a bureaucratic comfort word: Senator Mark Warner, the ranking member of the Senate Intelligence Committee, told TechCrunch that HSIN information can be highly sensitive even when it is not formally classified.

DHS, which houses the cybersecurity agency CISA, is also being asked to defend sprawling legacy systems while budgets and staffing are subject to political cycles. TechCrunch reports that the federal government, including DHS and CISA, experienced deep budget cuts under the Trump administration. Even without knowing the attacker’s identity or motive, the incident illustrates how government systems can accumulate users and mission-critical workflows faster than they accumulate clear accountability for hardening, monitoring and access control.

DHS has acknowledged a “cyber incident” involving what it described as a specific, unclassified legacy information-sharing environment. It has not yet said what information was exposed or how much was taken.