Personal Data belonging to 134,386 United States Navy current and former sailors were leaked. NCIS and HPE are investigating the case.
The United States Navy has confirmed that the personal data of 134,386 current and former employees were leaked.
Names and social security numbers of the internal staff were stored in a laptop used by a Hewlett Packard Enterprise Services staffer that was compromised.
The Naval Criminal Investigative Service (NCIS) and HPE who are investigating the incident discovered that “unknown individuals” accessed the personal data of the United States Navy employees.
“Oct. 27, 2016, the Navy was notified by Hewlett Packard Enterprise Services (HPES) that one of the company’s laptops operated by their employee supporting a Navy contract was reported as compromised.” reads the Security Breach Notification of Sailors’ PII.
“After analysis by HPES and a continuing Naval Criminal Investigative Service (NCIS) investigation, it was determined Nov. 22, 2016, that sensitive information, including the names and Social Security Numbers (SSNs) of 134,386 current and former Sailors were accessed by unknown individuals.”
The US Navy did not disclose details of the incident and there is no evidence that exposed data were abused by the unknown attackers.
It is still unclear if the laptop was lost, stolen or if a malware exfiltrated data on its hard disk.
“We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach,” naval personnel chief Vice Admiral Robert Burke says.
“The Navy takes this incident extremely seriously – this is a matter of trust for our sailors.”
The United States Navy will notify employees affected by the security breach in “coming weeks.”
The Navy is reviewing credit monitoring service options for affected people.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.