The Department of Homeland Security has announced that a public utility company in the US has been compromised. It's unclear which utility company was hacked at this time. Homeland Security says that the utility's control system was accessible via internet-facing hosts and used a simple password system.
The system was compromised using a brute-force attack with the hackers trying different passwords until a correct one was found. Investigators say that the systems at the utility company were exposed to numerous security threats and previous intrusion activity was noted.
The Department of Homeland Security continues to warn that utilities in the US are vulnerable. Many major utilities like electric and water plants haven't been audited for security and remain unsecured against intrusion.