A group calling itself the "Islamic State Hacking Division" released personal information for hundreds of U.S. military and government personnel via Twitter on Tuesday, urging group members to carry out attacks.
Names, emails, passwords and phone numbers of more than 1,480 members have been exposed, according to reports. Personnel listed include members of the Air Force, Marine Corps, NASA, FBI, State Department and the Port Authority of New York and New Jersey.
"We are still looking into the incident," said Marine Lt. Col. Jeffrey Pool, a Pentagon spokesman. "We don't really have much because most of the email address appear to be really old and passwords listed in the tweet don't match up with our password strength requirements. "
The group urged "lone wolves" to "process the info and assassinate," according a screenshot obtained by news website Vocativ. The Twitter account is said to belong to British Islamic State hacker Junaid Hussein, also known as Abu Hussain al-Britani. The account has since been suspended.
Army Chief of Staff Gen. Ray Odierno said in a press conference Wednesday that "this is the second or third time they've claimed that and the first two times I'll tell you, whatever lists they got were not taken by any cyber attack."
"This is no different than the other two," Odierno said. "But I take it seriously because it's clear what they're trying to do ... even though I believe they have not been successful with their plan."
It is unknown if the division is connected to the CyberCaliphate group, which in January exposed similar information and hacked the official U.S. Cyber Command Twitter account; in May, CyberCaliphate exposed for-official-use-only documents containing personal identifying information of Defense Department personnel through Newsweek's Twitter account.
"The release of such information makes it more personal," said cybersecurity expert Bryan Gorczyk. "Because you're not just worried about terrorism, you're worried about identity theft, people finding things out about you you don't want them to know, so there are concerns on a number of fronts," Gorczyk told Military Times.
Gorczyk said that Twitter becomes a good outlet for exposing such information because "a lot of people are looking at it, and the the short, targeted messages get out there, and that's why this could be so attractive to" the hostile groups.
Kevin Knierim, a former FBI agent and founder of Cyopsis — an electronic investigative, forensic and security consulting firm — said that the groups can bolster their support by showing their followers how broad their capabilities are.
"I think you could also come at it from the angle that ISIS could pay or 'enlist' hacker groups to do their bidding," Knierim said.
Gorczyk said it was hard to say how the source material was obtained. How and where the information was previously stored may shed light on how the hacking division may have been able to extract the information.
"It could be something as sophisticated inside of a defense network, but you can't just count out the fact that some individual user doesn't have that individual list on their own home or personal computer and fell victim to some sort of phishing attack through an email," Gorczyk said. "It could have just been a very common document" that many could have had access to, he said.
Multiple agencies have been working to mitigate and apprehend sympathizers to the cause within the United States; FBI Director James Comey on July 23 visited the bureau's Colorado office and warned about the so-called Islamic State group's use of social media to radicalize young people living in the United States.
"This terrorism is in your pocket, on your hip, in your jacket pushing you all day long with slick propaganda," Comey said.
"I think what this group is hoping to gain is to reach these sympathizers with this information and hope someone is willing to do something with it," Gorczyk said.