US navy data breach: Details of 130,000 sailors stolen by hackers

25 Nov 2016

The powerful US navy can defend the high seas but can it protect its own data? Image: Lindasj22/Shutterstock

The US navy has begun an investigation into how the personal data of more than 130,000 sailors was stolen.

The data is understood to have belonged to sailors who were seeking re-enlistment.

It was stolen from a contractor’s laptop and included names and social security numbers of 134,386 current and former navy personnel.

‘The navy takes this incident extremely seriously – this is a matter of trust for our sailors’
– VICE ADMIRAL ROBERT BURKE

The Naval Criminal Investigative Service (NCIS) is on the case but has not found any malicious use of the data so far.

Battle stations

On 27 October, the navy was notified by Hewlett Packard Enterprise Services (HPES) that one of the company’s laptops operated by an employee supporting a navy contract was reported as compromised.

After analysis by HPES and a continuing NCIS investigation, it was determined on 22 November that sensitive information of 134,386 current and former sailors was accessed by unknown individuals.

“The navy takes this incident extremely seriously – this is a matter of trust for our sailors,” said the chief of naval personnel, Vice Admiral Robert Burke.

“We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach.”

It is understood the navy will notify those affected sailors in the coming weeks by multiple means including phone, letter and email.

”For those affected by this incident, the navy is working to provide further details on what happened, and is reviewing credit monitoring service options for affected sailors.

“At this stage of the investigation, there is no evidence to suggest misuse of the information that was compromised,” the navy said.

In total, the US navy has about 430,000 sailors on active duty or in ready reserve.

This is understood to be the second major breach of navy data related to contracting activities.

In 2013, Iran penetrated the unclassified navy and marine corps.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com