The NSA Hack, How Did it Happen?

  • By David Lukic
  • Sep 08, 2020

The National Security Agency (NSA) was the main attraction in a major data breach involving three different participants, and as a result, they had to change national security protocols and operations. The NSA is responsible for national security; therefore, it would seem that their systems and security measures would be impenetrable; not true.

NSA hack

Who Was Involved In The NSA Hack?

Harold T. Martin III, Nghia Pho, and a hacker group called the shadow brokers are all suspected of being involved in NSA’s data breach.

Harold T. Martin III was found guilty of insider data breach and stealing piles of 50 terabytes of confidential documents and computer information compiling the most significant data breach of the NSA ever. Although there is no evidence Mr. Martin (an ex contractor for the NSA’s Tailored Access Operations hacking unit) sold or shared the information, it was leaked.


Another contractor, 70-year old Nghia Pho, also was found guilty of stealing the NSA’s most powerful hacking tools and cybersecurity weapons. These were left unprotected on Pho’s computer, and as a result, the NSA had to abandon all operations which used these tools. 

Additionally, a hacker group called The Shadow Brokers offered up many of the NSA’s best-kept secrets and hacking tools online. Neither man is directly associated with the Shadow Brokers hacking group, but experts believe they stole the information from one or both of them. The NSA suspects that the Shadow Brokers are a Russian affiliate. 

When was the NSA Hacked?

The NSA data breach was not a single incident but three linked events. In Mr. Martin’s case, the NSA discovered that he had been stealing information for more than 20 years from the NSA and other security agencies where he worked.

Mr. Pho had been filtering information out of the NSA from 2010 until 2015. The FBI raided his home in December of 2018 and found a massive stash of information in paper and electronic formats. Among the items found were highly classified documents and tools for electronic surveillance. Many were also found in the hands of the hacking outfit The Shadow Brokers. The NSA had no choice but to abandon all operations associated with the stolen tools and information now that they had been compromised. 

In 2016, the Shadow Brokers revealed themselves by offering up a collection of NSA-fueled hacking tools on the dark web and social media (Twitter mostly). The offers which occurred over a few weeks/months were in broken English and referenced government tools with the ability to hack into anything. 

NSA hacked

What Was Done About the NSA Hack?

Although Mr. Martin was the NSA’s lead suspect, Shadow Brokers continued to post messages and offer secrets during the time he was detained by the FBI. Edward Snowden (an ex-NSA employee and whistleblower) Tweeted that it was apparent all indications pointed to a Russian connection.

Nghia Pho was sentenced in September of 2019 to five and a half years in prison.

Harold T. Martin III was sentenced in July of 2019 to nine years in prison. He has been held for two and a half years, and that time will count towards his full sentence. 

As of now, the NSA still does not have concrete proof of who The Shadow Brokers are and if they are affiliated with Russian spies. They can only theorize and plug the holes left in their security.

About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in t ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. Wha ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

Latest Articles

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Anyone paying even little attention to cybersecurity knows that medical practices and services are some of the most targeted institutions in the world.

Weekly Cybersecurity Recap January 27

Weekly Cybersecurity Recap January 27

This week, our lineup is pretty hard-hitting. Some of the biggest names in, well, everything, have been hacked, with a combined victim total of well into the millions.

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp has been hacked repeatedly over the years; there is very little surprise in the breach, though one thing should be considered.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address
Close