One Laptop Has Leaked Private Data On 130,000 Navy Sailors
Loose laptop sink ships isn’t a Navy slogan yet, but they might want to consider it. A report from the Navy yesterday revealed that a single compromised laptop may have allowed someone to get their hands on the personal information of more than 130,000 sailors.
It’s a serious breach, to be sure, but a mere drop in the bucket compared to the hack on the Office of Personnel Management that spilled data on nearly 22 million Americans.
The laptop in question wasn’t even a piece of Navy hardware. It actually belonged to a contractor — in this case, Hewlett-Packard Enterprise Services (HPES). In 2013, HPES won a $3.5 billion contract from the Navy to develop its Next Generation Enterprise Network (NGEN), a replacement for the aging Navy-Marine Corps Intranet.
The Navy statement is short on details, but given the nature of the NGEN project it’s very possible that this laptop was connected. HP notified the Navy about the breach on October 27, and NCIS got involved in the investigation. Yesterday, they came to the determination that data on a total of 134,386 Navy personnel was exfiltrated. Whether that data was stored on the laptop or merely exfiltrated via the laptop was not revealed.
That information include names and social security numbers. Even if that’s all that was taken, it’s enough to cause the victims serious grief. The Navy is investigating credit monitoring options to help impacted sailors. Fortunately, as of now, they haven’t seen any evidence of the data being misused.
Source | forbes