The US Navy announced today that the personal data of 130,000 of its enlisted men was accessed after a contractor's laptop was breached back in October.
HP Enterprise Services notified the US Navy of the breach, saying that one of the Navy's laptops operated by their employee supporting a Navy contract was "compromised."
Data accessed includes the names and Social Security numbers of 134,386 current and former Sailors.
"The Navy takes this incident extremely seriously - this is a matter of trust for our Sailors," chief of naval personnel Vice Admiral Robert Burke said in a statement. "We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach."
The Navy Criminal Investigative Service is handling the investigation, and has no evidence to suggest misuse of the information that was compromised.
The Navy said it will notify those affected, and the Navy is working hard to explain to those affected by the breach exactly what happened. They have also offered credit monitoring services.
Richard Cassidy, Technical Director - EMEA at Alert Logic: “Unfortunately this case compounds the fact that over 2/3rds of organisations breached discover so via a 3rd party. It's very disappointing when a 3rd party compromise leads to a data loss at the expense of another business or organisation, however, it highlights the stark reality of how complex the challenge remains with respect to security challenges.”
