- Sources familiar with the matter have reported details of the HSIN incident
- A DHS spokesperson has addressed the cyber investigation
- The 2026 Homeland Security Summit will examine AI, cyber defense and more
The Department of Homeland Security is investigating unauthorized activity involving the Homeland Security Information Network, or HSIN, a platform that facilitates information-sharing among government and industry partners, according to a Nextgov/FCW report citing sources familiar with the matter.

As agencies continue to strengthen cybersecurity measures and protect critical information-sharing capabilities, government and industry leaders will gather at the Potomac Officers Club’s 2026 Homeland Security Summit on Nov. 12 to discuss emerging mission priorities. The event will feature discussions on artificial intelligence, cyber defense and operational capabilities across major DHS agencies. Reserve your spot now!
What Is Known About the HSIN Cyber Incident?
According to the report, DHS is examining an intrusion involving HSIN that is believed to have occurred sometime between late May and early June and may have resulted in unauthorized access to sensitive data exchanged among federal, state, local and industry partners through the information-sharing platform.
One person familiar with the matter said the DHS Office of Intelligence and Analysis has performed a damage assessment related to the incident and noted that the threat actor targeted HSIN servers and a SharePoint collaboration system.
The identity of the threat actor and whether information was removed from the system remain unclear, according to sources familiar with the matter.
What Is HSIN?
HSIN is a DHS platform designed to facilitate the sharing of sensitive but unclassified information among government agencies and approved partners.
According to DHS, authorized users rely on HSIN to access homeland security data; securely distribute requests for information among agencies; and use collaborative tools to manage operations, coordinate planned event safety and security, respond to incidents and share information needed to fulfill mission objectives.
What Did a DHS Spokesperson Say About the Cyber Incident?
An unnamed spokesperson for DHS told Nextgov/FCW that the department is aware of the recent cyber incident involving an unclassified legacy information-sharing environment and has taken steps to address the issue while the investigation continues, such as isolating the affected systems and conducting a comprehensive forensic investigation.
“There is no indication that classified networks were impacted, and the system remains operational for our partners. As this is an ongoing investigation, we cannot provide further operational details at this time,” the spokesperson said.
How Does the HSIN Incident Align With Broader Cybersecurity Efforts?
The reported cyber incident involving HSIN comes as the current administration continues to advance efforts to strengthen the U.S. cybersecurity posture and address evolving cyberthreats.
In June, President Donald Trump signed a memorandum directing the reestablishment of the Committee on National Security Systems as part of efforts to strengthen the cybersecurity of the country’s national security systems. He also signed two executive orders to advance U.S. quantum technology capabilities and prepare federal systems for cybersecurity risks posed by powerful quantum computers.
Separately, leaders of the Five Eyes cybersecurity agencies issued a joint statement warning that artificial intelligence is rapidly changing the cyberthreat landscape and shortening the timeline between vulnerability discovery and exploitation.






