The US Department of Homeland Security (DHS) has confirmed a cyberattack on the Homeland Security Information Network (HSIN), a critical platform used by federal, state and local agencies, as well as private-sector partners, to share intelligence and coordinate emergency response operations.

According to reports, the breach occurred between late May and early June and targeted HSIN servers, including an integrated Microsoft SharePoint collaboration system used to exchange real-time alerts, intelligence reports and operational information.

Investigation underway

DHS said it acted immediately after detecting the intrusion by isolating the affected systems, addressing the identified vulnerability and launching a forensic investigation.

In a statement, the department said there is currently no evidence that classified government networks were affected and confirmed that the platform remains operational while investigations continue.

Authorities have not disclosed the full extent of the breach, what information may have been accessed or the identity of those behind the attack.

Concerns over national security

Although HSIN does not handle classified intelligence, it supports the coordination of law enforcement operations, emergency response activities and public safety planning across the United States.

The timing of the incident has raised additional concerns because the platform is currently being used to coordinate security operations for the FIFA World Cup being hosted across the country. Cybersecurity experts warn that prolonged access to the system could have exposed emergency response plans, operational procedures and other sensitive information used by participating agencies.

Growing pressure on government cybersecurity

The breach is the latest in a series of cybersecurity incidents affecting US government systems, highlighting the increasing challenges of protecting critical digital infrastructure against sophisticated cyber threats.

Federal authorities are continuing their investigation alongside the Cybersecurity and Infrastructure Security Agency (CISA), while agencies using HSIN have been advised to review recent system activity and strengthen monitoring for suspicious behaviour.