Skip to main content

Personal info of 30,000-plus Pentagon employees compromised in contractor breach

Image used with permission by copyright holder

The personal information of more than 30,000 Pentagon workers has been compromised as a result of a data breach at a contractor, revealing information as sensitive as credit card data. Although no classified material was said to be compromised in the hack, the actual date of the attack remains unknown. It was initially revealed on October 4, but security staff warned that it may have taken place earlier and merely gone unnoticed.

Despite the Pentagon running a number of schemes like “Hack the Pentagon,” to help harden its digital infrastructure against weaknesses, hacks and breaches have taken place multiple times in recent years. This latest one appears to be the fault of a contractor, who at this time remains unnamed. The results could be wide-reaching though, as both military and civilian workers were affected.

The Pentagon did confirm the breach in a statement but has attempted to downplay its impact. Pentagon spokesperson, Lieutenant Colonel Joseph Buccino said in a statement via APNews, “It’s important to understand that this was a breach of a single commercial vendor that provided service to a very small percentage of the total population.”

He went on to say that the Pentagon was continuing to look into the breach and that it would notify all of those potentially affected by it. The Department of Defense has since severed ties with the contractor reportedly responsible for the breach, although the unnamed vendor does still remain under contract.

This breach comes at a poor time for the U.S. government, which was only recently criticized by the Government Accountability Office, which suggested that although improvements had been made to the Pentagon’s security,  it still did not have adequate protections in place for its weapons systems. As new and more sophisticated cyber attacks become commonplace in peacetime and war, the GAO suggested that the Pentagon needs to improve its provisions against such tactics.

The security of government-sanctioned voting machines has also been brought into question in the lead-up to the 2018 mid-term elections in November. A recent Def Con event highlighted that even children were capable of breaching the machines’ security, potentially bringing into question any vote counting results achieved on such hardware in a few weeks’ time.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Ring admits employees have improperly accessed customers’ doorbell videos
amazon shatters the prices on ring video doorbells and throws in a free show 5 doorbell 2 with echo 02  1

Ring has admitted that a number of its employees tried to improperly access Ring Doorbell videos and detailed the incidents in a letter to five U.S. senators.

Motherboard reports that on Monday, January 6, Amazon-owned Ring responded to a November 19 letter written by senators concerned about Ring's security. In Monday's letter, Ring said that there were four separate instances where former Ring employees improperly accessed data. 

Read more
Data leak exposes personal info of more than 3,000 Ring users
Ring Stick Up Camera

More than 3,000 Amazon Ring cameras were reportedly compromised this past week, potentially exposing the login credentials of users and possibly enabling hackers easy access to all kinds of information. 

Buzzfeed reports the leaked data could have allowed hackers to access Ring customers’ payment information, camera footage, and video cameras’ history.

Read more
OnePlus customer data stolen in second data breach in two years
oneplus 7t macro lens iphone 11 lacks cameras

Phone company OnePlus has suffered another data breach, with an undisclosed number of customer names, contact numbers, email addresses, and shipping addresses stolen by an unnamed hacker or group.

This comes less than two years after up to 40,000 customers' private information was stolen from OnePlus, leading to credit card fraud using customers' details. In this case, the breach only came to light when the issue of credit card fraud was raised by a user on the OnePlus forums. An investigation subsequently discovered a malicious script had been gobbling up customer credit card details when they were entered into the OnePlus website.

Read more