The hack exposed the names and social security numbers of current and former sailors.
Hackers have managed to get their hands on personal and sensitive information of over 130,000 US Navy officials. The US Navy has acknowledged the security breach, adding that a laptop of a Navy contactor was hacked.
The hacked laptop belonged to an unnamed employee of Hewlett Packard Enterprise Services. The firm notified the Navy about the breach on 27 October. An NCIS (Naval Criminal Investigative Service) investigation revealed that sensitive information, including names and social security numbers of 134, 386 current and former sailors were stolen by hackers.
“The Navy takes this incident extremely seriously- this is a matter of trust for our sailors,” said Chief of Naval Personnel Vice Adm Robert Burke in a statement. “We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach.”
The identity and location of the hackers remain unclear. The Navy’s statement alluded to “unknown individuals” as perpetrators of the attack. The Navy said it would notify the affected sailors “in the coming weeks” via phone, letter and email.
The Navy also claimed that at present, there is no evidence to indicate that the information accessed by hackers has been misused in any way. The investigation into the breach appears to be ongoing, with the Navy working on unearthing more information about the incident.
According to a report by Forbes, Hewlett Packard was granted a $3.5bn contract by the Navy in 2013, to develop its Next Generation Enterprise Network, which would serve as a replacement to the outdated and ageing Navy-Marine Corp Intranet.
This is not the first time that the US Navy has been targeted by hackers. In 2012, a hacker going by the pseudonym Comrade claimed to have hacked into the official website of the US Navy. The hacker claimed to have dumped personal data of officials on Pastebin.
The alarming propensity of cyberattacks against governments has caused growing concerns among the security and intelligence communities. The US Army recently launched its first ever bug bounty programme called “Hack the Army” in efforts to boost their ability to help defend against rising cyberthreats.