Hewlett Packard Enterprise (HPE) has been accused of losing the data of over 134,000 US Navy personnel. HPE notified the US Navy on October the 27th that a laptop used by one of its employees had been compromised. That employee was involved in a project supporting the US Navy. Limited details of the breach have been released by the US Navy while HPE has so far remained quiet about the incident.
This breach comes fifteen months after the biggest breach the US Government has seen at the OPM. In that attack the details of 21.5 million US Government employees and their families was lost. The data included information on the US Army, Navy, Air Force, Federal workers and those in the Intelligence Services. Since then the FBI, Department of Homeland Security and IRS were all hacked in February 2016.
The breach will embarrass both HPE and the US Navy, both of whom have investigated the breach. The data lost included the names and Social Security Numbers (SSN) for over 134,000 current and former sailors. There is no evidence that the data has been used to compromise personnel so far according to the US Navy.
According to Chief of Naval Personnel Vice Adm. Robert Burke: “The Navy takes this incident extremely seriously- this is a matter of trust for our Sailors. We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach.”
Conclusion
Yet another hack of US Government data, this time through a compromised laptop of a contractor employed by HPE. Contractors are becoming the security weak point for the US Government. In October Harold T Martin III, an NSA contractor was arrested and classified data was found at his house. He was employed by the same company that previously employed Edward Snowden. There is no evidence that the HPE employee was complicit in this breach. There will., however, be questions as to how their laptop was compromised.
