The U.S. Navy has confirmed that personal data of more than 130,000 sailors was hacked from a Navy contractor's laptop in October this year.
Where And When Did The Breach Occur?
On Wednesday, Nov. 23 the Navy announced that a laptop used by Hewlett Packard Enterprise Services employee, who was working on a Navy contract, was compromised. As a result, unknown and unauthorized individuals had access to sensitive information such as Social Security Numbers of 134,386 former and current sailors.The Navy revealed that HPES reported the breach on Oct. 27 and the Naval Criminal Investigative Service investigation determined it on Nov. 22.
According to the Navy Times, an official familiar with breach investigation said that the personal data of sailors came from the Career Waypoints database, known as C-WAY, which is used to submit re-enlistment and Navy Occupational Specialty requests.
What Is The Navy Doing About The Data Breach?
Top Navy officials said that they are taking the matter seriously and investigating the breach. The Navy is also working swiftly to identify those who are affected by the latest incident.
"The Navy will notify those affected Sailors in the coming weeks by multiple means including phone, letter and email," the Navy said in a statement. "For those affected by this incident, the Navy is working to provide further details on what happened, and is reviewing credit monitoring service options for affected Sailors."
Early investigations suggest that the leaked data has not been misused or compromised in any way.
Previous Data Breaches
This is not the first time that a breach involving Navy data connected to HPES occurred. In 2013, HPES unveiled that hackers from Iran breached unclassified Navy and Marine Corps intranet. Reports suggested that the breach was due to a carelessly written contract with HPES.
In June 2015, the U.S. Office of Personnel Management confirmed that it was a target of data breach, which affected records of millions of people including former, existing and prospective federal employees.
"OPM and an interagency team from the Department of Homeland Security and the Federal Bureau of Investigation have been investigating these incidents, and are working to put in place changes that will prevent similar thefts in the future," said the OPM.
The federal agency also confirmed that it did not have any information that suggested misuse of leaked data.