Pentagon reveals cyber violation of travel records

WASHINGTON – The Pentagon said Friday that there had been a cyber-violation of the Department of Defense's travel records that compromised personal information and credit card data of US civilian and military personnel.

According to a US official familiar with the case, the offense could have affected up to 30,000 workers, but this number could increase as the investigation continues. The breach could have happened a few months ago but has only recently been discovered.

The manager, who requested anonymity because the violation is under investigation, said that no confidential information had been compromised.

According to a statement from the Pentagon, a cyber-team of the department informed the leaders of the violation of 4 October.

Lt. Col. Joseph Buccino, a Pentagon spokesman, said the department was still gathering information about the size and scope of the hacking and the identity of the author.

"It is important to understand that it is a violation of a single commercial provider that provides services to a very small percentage of the total population" of the department's staff. Defense, said Buccino.

The supplier was not identified and additional details of the violation were not available.

"The ministry continues to assess the risk of harm and will ensure that the staff concerned is notified," said the statement, noting that the people concerned will be informed in the coming days and that fraud protection services Will be provided.

Buccino said that for security reasons, the department did not identify the supplier. He said that the supplier is still under contract, but that the ministry "has taken steps to have the supplier stop the execution of its contracts".

The revelation of the violation follows a federal report released Tuesday that concluded that military weapons programs were vulnerable to cyber attacks and that the Pentagon was slow to protect the systems. And this reflects a number of other violations that have hit federal government agencies in recent years, revealing health data, personal information, and social security numbers.

In its Tuesday report, the United States Accountability Office of the United States said that the Pentagon had made efforts to keep its networks secure, but that recently it has begun to focus more on the security of its systems. weapons. The audit, carried out between September 2017 and October 2018, revealed that the protection of its weapon systems against increasingly sophisticated cyber-threats posed more and more problems.

In 2015, massive piracy by the Federal Office of Personnel Management, largely attributed to the Chinese government, compromised the personal information of more than 21 million current and former federal employees, including the Pentagon. It is also likely that this occurred months before its discovery and publication, which ultimately led to the resignation of the director of the OPM.

That year also, hackers broke the messaging system used by chiefs of staff, affecting several thousand military and civilian workers.

The Department of Defense has always said that its networks and systems are analyzed and attacked thousands of times a day.