top of page
  • Writer's pictureAccess Compliance

CISA Notification of CSAT Cybersecurity Intrusion



CISA Notification of CSAT Cybersecurity Intrusion (Shared from VPPPA Region 2!)

--


"The Cybersecurity and Infrastructure Security Agency's (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23-24, 2024. While CISA's investigation found no evidence of exfiltration of data, this may have resulted in the potential unauthorized access of Top-Screen surveys, Security Vulnerability Assessments, Site Security Plans, Personnel Surety Program submissions, and CSAT user accounts.


Following the reporting requirements under the Federal Information Security Modernization Act (FISMA), CISA is notifying participants in the Chemical Facility Anti-Terrorism Standards (CFATS) program about the intrusion and the potentially impacted information. CISA is encouraging facilities to maintain cybersecurity and physical security measures according to normal procedures.


In addition to direct facility notification and individual notifications provided by facilities for impacted individuals, CISA has also notified potentially impacted individuals of the incident and published cisa.gov/csat-notification with additional updates, as available.


CISA is hosting two webinars for stakeholders during which we will review the information provided in the frequently asked questions. The webinars will be held on Monday, June 24, 2024, at 2:30 pm ET (11:30 am PT) and Tuesday, July 9, 2024, at 2:30 pm ET (11:30 am PT). Both webinars will cover the same material.


Register for June 24, 2024, Webinar


Register for July 9, 2024, Webinar


Questions about this incident by chemical facilities or their third-party partners should be addressed to CISA Chemical Security at CFATS.Notifications@cisa.dhs.gov. Potentially impacted individuals should review the webpage for additional tools and resources."

3 views0 comments

Recent Posts

See All

Comments


bottom of page