Personal Data at Risk in DISA Data Breach

(Image: Shutterstock)

The Federal defense agency responsible for secure communications of national leaders and military operations said Social Security numbers and other personal information may have been compromised in a 2019 data breach.

Approximately 200,000 individuals were affected by the data breach at Defense Information Systems Agency (DISA), said Chuck Prichard, a spokesman for the Department of Defense, in an email. There is no indication of whose data was breached, but a letter was sent to those affected.

“During the May to July 2019 timeframe, some of your personal information, including your social security number may have been compromised in a data breach on a system hosted by the Defense Information Systems Agency,” said the letter, seen by Reuters, sent to notify individuals of the breach of Personally Identifiable Information (PII).

“While there is no evidence to suggest that your PII has been misused, DISA policy requires the agency to notify individuals whose personal data may have been compromised,” the letter said.

According to the letter, the agency will provide free credit monitoring services to those affected by the breach.

No details were provided as to how the system was breached.

Kick off the start of spring at MeriTalk’s next Cyber Smoke. Learn More

“For operational security reasons, the department does not comment on the actions taken to mitigate risks or vulnerabilities,” Prichard said.

While DISA was not one of the agencies reviewed by the Senate Homeland Security and Governmental Affairs’ Subcommittee, a June report disclosed that of eight Federal agencies reviewed, seven failed to provide for the adequate protection of PII.

The agency is made up of more than 8,000 military and civilian employees, according to its website.

Categories

Recent