Want CNET to notify you of price drops and the latest stories?

Data attack targets Commerce Department

Bureau was target of attempt to gain access to employees' user account information for its computer network.

Dawn Kawamoto Former Staff writer, CNET News
Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.
Dawn Kawamoto
A Commerce Department bureau was the target of an attempt to gain access to employees' user accounts on its computer network, according to media reports.

The attack, which was discovered in July and came to public attention this week, specifically focused on the Department's Bureau of Industry and Security (BIS), which is responsible for such areas as export control and treaty compliance.

"The BIS discovered a targeted effort in July to gain access to user accounts, and we took immediate steps to ensure no information was comprised," Richard Mills, a spokesman for the Commerce Department, said Friday.

Although Mills declined to elaborate further, the Wall Street Journal reported that the BIS was replacing hundreds of workstations.

Meanwhile, one department official told CNET News.com that the BIS was cleaning up its computer system and receiving new hardware. The official noted that Internet access has been restricted to standalone workstations that are not connected to the bureau's other internal systems.

Commerce Department officials believe the malicious attack originated in China, a region frequently cited as a source, along with Eastern Europe, for spawning Trojans, phishing attacks and other security threats. The official noted that the attack was traced back to an Internet service provider based in China.