BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

U.S. defense contractor sustains data breach

From: Lee J <lee () riskbasedsecurity com>
Date: Fri, 16 Aug 2013 10:06:45 +1000
http://www.scmagazine.com/us-defense-contractor-sustains-data-breach/article/307498/

Employees for and applicants to the linguist program of Virginia-based
defense contractor Northrop Grumman may have had their sensitive
information compromised <http://www.scmagazine.com//search/data+breach/> when
a database was accessed by an unauthorized party.

*How many victims?* Unknown. Northrop Grumman employs more than 70,000
people, thousands of whom work as linguists, according to reports.

*What type of personal information?* Names, contact information, date of
births, blood types, Social Security numbers and other government-issued
identification numbers.

*What happened?* A database related to the linguist program was accessed by
an unauthorized party.

*What was the response?* Northrop Grumman began an investigation.The
affected database was taken offline and may no longer be accessed remotely.
Letters were sent home to those who may have had information compromised.
Northrop Grumman is offering a year of free identity protection services to
victims and is taking steps to ensure a similar incident does not occur
again.

*Details: *Following an investigation, unauthorized access to the database
was said to have occurred between November 2012 and May 2013.

*Quote:* “We have no evidence at this time that any of the information has
been further disclosed or used in an unauthorized manner as a result of
this incident,” said Gregory Schmidt, a Northrop Grumman vice president.
“We regret that this incident may affect you.”

*Source:* doj.nh.gov, New Hampshire Department of Justice, “Northrop
Grumman (PDF<http://doj.nh.gov/consumer/security-breaches/documents/northrop-grumman-20130809.pdf>),”
Aug. 9, 2013.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: