Hacking Group Exposes Pentagon IT Provider's Documents

Leidos Holdings Inc. investigates a breach of Diligent Corp. system; sensitive documents compromised, identity theft concerns.

 


Hackers stole internal documents from Leidos Holdings Inc., one of the largest IT service providers to the US government, according to a person familiar with the matter. Leidos made the discovery recently and believes it was the victim of a previously disclosed breach of a Diligent Corp. system that it used at the time, said the person, who asked not to be named because it is an internal matter. According to the person, Leidos is currently investigating the issue.

Leidos, one of the most highly regarded companies in the world, counts the Defense Department, the Homeland Security Department, and NASA among its clients, along with other national and international government agencies. According to a filing in Massachusetts dated June 2023, Leidos used the Diligent system to store information gathered during internal investigations. Leidos has reportedly refused to comment on the information that was stolen.

The Pentagon, the Department of Homeland Security, and NASA did not immediately respond to requests for comment. Bloomberg News found that some files purportedly from Leidos had been posted on a cybercrime forum, but the details of those files had been redacted, so Bloomberg could not verify their authenticity. Steele Compliance Solutions is owned by Diligent, which acquired the company in 2021, and a Diligent spokesperson said the leak and its source appear to be related to a hack in 2022.

At that time, fewer than 15 customers, including Leidos, were using the product, according to the company. As detailed in a data breach notice filed in Massachusetts on November 11, 2022, Diligent reported the breach to Leidos after discovering the data leak. The attack was carried out by an unauthorized party who exploited a weakness in Diligent's platform to download documents, which may have occurred as early as September 30th of last year.

A third-party intruder exploited a second vulnerability on or around October 1, 2022, gaining access to data submitted through Leidos' enterprise case management system (ECMS), hosted by Diligent, as well as personal information submitted via the system. Earlier reports indicated that the data leak was linked to Steele Compliance Solutions, one of Diligent's subsidiary companies, acquired in 2021, and that this was where the incident originated.

Mergers and acquisitions are chaotic, and sensitive information may be transferred between the two companies, giving hackers a prime opportunity to exploit the situation. An FBI report published in 2021 forecast that cybercriminals would target organizations during "time-sensitive financial events" such as mergers and acquisitions to extract sensitive information. On February 9, 2023, Leidos received notification of a second data leak, which prompted an investigation into a possible security breach.

The investigation found that the impacted documents contained personal information, and the defence contractor offered two years of identity theft protection so that victims could protect themselves against identity theft. Leidos confirmed that this data leak was caused by an incident that occurred in 2023 and impacted a third-party vendor, for which all necessary notifications were made in the past.

According to the Pentagon defence contractor, “our network or any sensitive customer data was not affected by the incident.” At the time of the incident, the product in question was being used by fewer than 15 customers, including defence contractor Leidos, as reported by the company. In a data breach notice filed in Massachusetts on November 11, 2022, Diligent Corporation disclosed the breach to Leidos after discovering unauthorized access to its data. The breach involved an unauthorized party exploiting a vulnerability in Diligent's platform to download documents. 

It is believed that this exploitation may have occurred as early as September 30, 2022. A subsequent intrusion was identified around October 1, 2022, in which a third-party attacker exploited a second vulnerability. This allowed the intruder to access data submitted through Leidos' Enterprise Case Management System (ECMS), which was hosted by Diligent, and personal information submitted via the system. Previous reports had indicated that the data leak was associated with Steele Compliance Solutions, a subsidiary of Diligent acquired in 2021, and that this subsidiary was the origin of the breach.

Mergers and acquisitions often involve transferring sensitive information between companies, creating opportunities for cybercriminals to exploit these transitions. An FBI report published in 2021 anticipated that cybercriminals would target organizations during "time-sensitive financial events," such as mergers and acquisitions, to extract sensitive information. On February 9, 2023, Leidos was notified of a second data leak, which triggered an investigation into a potential security breach. 

The investigation revealed that the compromised documents contained personal information. In response, Leidos offered two years of identity theft protection to allow affected individuals to protect themselves against identity theft. Leidos confirmed that the data leak was caused by an incident in 2023 that affected a third-party vendor. The company gave assurances that all necessary notifications had been made in the past and emphasized that neither its network nor any sensitive customer data was impacted by the incident.