White House security agency rocked by data breach

The personal details of 200,000, including social security numbers, were compromised in 2019

A system hosted by a critical US defence agency has suffered a data breach, with the personal data of its staff potentially compromised.

The Defense Information Systems Agency (DISA) has disclosed that a system it hosts sustained a potential breach between May and July 2019 in which personally identifiable information (PII) may have been compromised.

Advertisement - Article continues below

Those affected by the DISA breach were sent a setter on 11 February warning them their information, including social security numbers, may have been compromised. There is no evidence to suggest this personal information was subsequently misused, however.

DISA provides telecoms and IT support for the White House, including Donald Trump, Mike Pence, their staff, the secret service, as well as the chairman of the Joint Chiefs of Staff and high-ranking members of the US military.

There’s no official word on who was affected, or how many individuals, although various outlets including International Business Times are reporting that 200,000 service personnel have been hit. 

Related Resource

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

“We take this potential data compromise very seriously,” DISA’s risk management executive and CIO Roger Greenwell wrote in the letter.

“As a result, we have put additional security measures in place to prevent future incidents and we are adopting new protocols to increase protection of all PII.”

DISA has offered to provide free credit monitoring to those potentially affected by the breach, with information about how to sign up for the service to follow in a separate letter.

The agency, which is an augmentation of the Department of Defence (DoD), is based at Fort Meade, Maryland, and employs 8,000 US military and civilian staff. DISA also manages critical systems to support warfighters, national leaders and other military operatives.

It hasn't disclosed which part of its network, or which particular system, was potentially breached, and neither have they disclosed the nature of the breach. The definition of ‘data breach’ could vary from accidentally exposing data online to cyber intrusion by hackers.

The US military has sustained a few serious data incidents in recent years. Researchers, for example, discovered in October 2019 that 179GB of highly sensitive data belonging to US government, Department of Homeland Security (DHS) and military personnel exposed online through an unencrypted AWS database. This exposed information included both past and future travel arrangements, as well as login data. 

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020