Breach, Threat Management, Data Security

U.S. Navy to HPE: Pay up for breach cleanup

The U.S. Navy is requesting that a vendor in charge of personnel records pay up for credit monitoring services after its computers were breached and SSNs and other personal information of 130,000 sailors was compromised, according to the Navy Times.

While attesting in a statement that the security and privacy of its customers was a "top priority," Hewlett Packard Enterprise (HPE), which contracts with the Navy to oversee personnel records, is not commenting further as the investigation expands to include the FBI, along with the Naval Criminal Investigative Service.

The Navy was informed by HPE in October that a laptop went missing and, according to an unknown source, information in a re-enlistment approval database on 134,386 current and former sailors was accessed by unknown persons.

The breach of the Career Waypoints database, known as C-WAY, was publicly disclosed by the Navy on Nov. 23. Active duty sailors, as well as some in the selected reserve and others out of the service, use the system to submit requests for re-enlistment and to update Navy Occupational Specialties.

The Navy suffered an earlier breach for which HPE was held responsible in 2013, when Iran reportedly gained access to its unclassified Navy and Marine Corps Intranet, the Navy Times reported.

Credit monitoring services often are offered to victims of breaches.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.