The incident.
The US Navy announces today a major personal data breach. Back in October, due to a breach in a contractor’s laptop, someone accessed more than 130,000 accounts of its enlisted men.
HP Enterprise Services notified the US Navy of the breach. They reported the “compromisation” of one of the Navy’s laptops operated by their employee supporting a Navy contract.
Data accessed includes the names and Social Security numbers of 134,386 current and former Sailors.
The Navy confronts data breach head on.
“The Navy takes this incident extremely seriously. ” This is a matter of trust for our Sailors,” chief of naval personnel Vice Admiral Robert Burke stated. “We are in the early stages of investigating. We are working quickly to identify and take care of those affected by this breach.”
The Navy Criminal Investigative Service is handling the investigation and has no evidence to suggest misuse of the information that was compromised.
The Navy said it will notify those affected and is working hard to explain to them exactly what happened. They have also offered credit monitoring services.
Richard Cassidy, Technical Director – EMEA at Alert Logic: “Unfortunately this case compounds the fact that over 2/3rds of organizations breached discover so via a 3rd party. It’s very disappointing when a 3rd party compromise leads to a data loss at the expense of another business or organization, however, it highlights the stark reality of how complex the challenge remains with respect to security challenges.”