A self-styled hacktivist collective says it breached the Department of Homeland Security and released a trove of internal records tied to Immigration and Customs Enforcement contracting, thrusting fresh scrutiny on the government’s technology supply chain and the private vendors that power it.
The group, calling itself Department of Peace, claims the cache originated from DHS’s Office of Industry Partnership, which liaises with the private sector. The nonprofit transparency collective DDoSecrets says it has published the dataset, and an independent security researcher organized it into a searchable index. DHS and ICE did not immediately respond to requests for comment, and the authenticity of the entire collection has not been independently verified.
What the leaked files contain about DHS and ICE contracts
The dataset appears to catalog thousands of ICE and DHS-related contract records, listing vendor names, award amounts, project descriptions, and points of contact, including full names, email addresses, and phone numbers. According to DDoSecrets’ description, more than 6,000 contractors are referenced, ranging from defense primes to cloud and analytics firms.
Early highlights circulating among researchers point to multimillion-dollar obligations. One contractor, Cyber Apex Solutions, is shown as having roughly $70 million in awards tied to critical infrastructure security work. Science Applications International Corporation appears associated with about $59 million in awards, including AI-enabled services for government agencies. Underwriters Laboratories is listed at around $29 million for testing and certification engagements.
Also named are well-known federal vendors and integrators, including Anduril, L3Harris, Raytheon, Palantir, Microsoft, and Oracle. While many contract basics are already discoverable via public procurement trackers, the consolidated exposure of internal contacts and project metadata could increase operational and privacy risks for both agencies and suppliers.
Who is behind the release and how the leak surfaced
Department of Peace framed the leak as a transparency action, citing recent incidents they attribute to federal agents and arguing the public has a right to know which companies support DHS and ICE programs. DDoSecrets, which previously hosted large-scale disclosures such as the 2020 BlueLeaks collection of law-enforcement fusion center documents, says it obtained and published the new dataset consistent with its public-interest mission.
Security researcher Micah Lee organized the material into a browsable portal to aid review by journalists, watchdogs, and researchers. That step mirrors modern leak handling, where curation and structured search can rapidly surface patterns in sprawling, technical records.
Why this dataset matters for DHS and ICE procurement
ICE’s operations rely on a broad tech stack spanning case management, data enrichment, biometrics, surveillance, detention logistics, and transportation. Palantir, for example, has long provided analytics platforms, including tools used by Homeland Security Investigations. Cloud providers like Microsoft and Oracle host and integrate systems that process sensitive identity and enforcement data.
Public procurement portals already disclose award values and vendors, but they often lack the fine-grained context to map program dependencies, subcontractor webs, and agency points of contact. A centralized trove that aggregates internal references can accelerate external oversight and academic research into how public safety technologies are bought and scaled.
Oversight bodies have repeatedly flagged transparency gaps in DHS acquisitions. Government Accountability Office audits and DHS’s own inspector general have cited weaknesses in requirements development, vendor vetting, and lifecycle management for complex IT programs. If authentic, the new dataset could offer a rare, ground-level view of how procurement decisions intersect with controversial enforcement priorities.
Security and legal questions raised by the alleged breach
The claimed breach raises classic incident-response challenges: confirming the intrusion vector, scoping affected systems, and notifying impacted personnel and contractors. The inclusion of direct contact details may elevate doxing and social-engineering risks for procurement officials and vendor staff, potentially prompting access resets and targeted phishing defenses across government and industry networks.
Any unauthorized access to federal systems could implicate the Computer Fraud and Abuse Act and other statutes. At the same time, the publication underscores a persistent public-interest dilemma: disclosures that expose sensitive personal information can also reveal how powerful surveillance and immigration tools are funded and deployed—information that watchdogs argue is essential for democratic accountability.
Context and next steps as officials assess the incident
DHS is one of the federal government’s largest buyers of technology and services, with annual obligations running into the tens of billions across component agencies. ICE’s recent contracting has emphasized data analytics, detention and transportation logistics, and cloud modernization—areas that draw steady involvement from major defense and enterprise IT firms.
Key signals to watch now include official confirmation of the breach scope; guidance to affected vendors; and whether DHS or ICE seek to limit redistribution of the files. Lawmakers on homeland security and appropriations committees may also press for briefings, particularly if the material reveals undisclosed program details or novel vendor relationships.
For companies named in the records, the near-term focus will be supplier risk, employee safety, and reputational exposure. For advocates and researchers, the dataset—if verified—could become a reference point for understanding how immigration enforcement technology is funded, who builds it, and which programs set its boundaries.
