Data Stolen from Pentagon: US Defense Contractor Leidos Data Leaked

US Defense Contractor Leidos Suffers Data Breach, Pentagon Data Stolen

Internal data from Pentagon stolen after third-party vendor Leidos data leak

Leidos Holdings, a major IT and engineering services provider to the US Department of Defense and other government agencies, has confirmed that some of its internal data was stolen due to a data breach at a third-party vendor. According to sources, the stolen data was hosted by Diligent Corp, which Leidos utilized for internal investigations data storage. Diligent had disclosed a breach in late 2022 affecting fewer than 15 clients, including Leidos. “We promptly notified impacted customers, including Leidos which Diligent initially notified in November 2022, and took immediate corrective action to contain the incident,” a Diligent spokesperson stated However, threat actors are now claiming to have leaked a cache of documents allegedly originating from Leidos servers on the dark web. The Leidos’ data leak appears to contain significant amounts of sensitive internal documentation related to Leidos projects and contracts with the Pentagon and other clients. In a statement, Leidos confirmed “This stems from a previous incident affecting a third-party vendor for which all necessary notifications were made in 2023. However, the company emphasized that neither its own networks or customer information was impacted by the breach. Security experts argue any leak of internal company data could pose security risks, even lacking customer details. Stolen documents may contain clues about project details, vulnerabilities, or future plans if exploited by a capable adversary. The breach is especially concerning given Leidos’ critical work on highly sensitive national security programs. The firm is a major defense and intelligence community contractor, holding several contracts for classified work including technical services for the National Security Agency and cyber roles for the Department of Homeland Security. The stolen Durilant data breach in late 2022 and subsequent leak of Leidos documents demonstrate the ongoing risk third-party vendors pose to government suppliers. Contractors entrusting sensitive company data to outside firms remain vulnerable if those partners suffer their own breaches. The Leidos’ data leak incident shows how even internal data leaks can impact national security when sustaining penetrations of contractors supporting the US military and intelligence community. Experts argue this underscores needs for continued focus on supply chain security both in the public and private sectors.

Security and Privacy Implications of Leidos Data Leak Remain Unclear

While full details of the Leidos data leak have not been publicly disclosed, security experts expressed concerned about the potential risks if accessed by hostile foreign nations or criminal underground. One researcher noted “Any documentation related to US defense or intelligence programs could provide insights to adversaries. Even without customer details, internal files may contain vulnerabilities, future procurement plans or technical project details.” However, Leidos has downplayed potential impacts, saying only internal company files unrelated to customer systems or data were involved. But without a full disclosure of what data was accessed, the full security implications are difficult for outsiders to assess. The manner and timing of the leak also raise questions. Threat actors holding sensitive data for months or years before dissemination could allow time for exploitation before detection. And data brokers are increasingly willing to sell breached troves to the highest bidding nation states or groups, complicating efforts to determine ultimate parties in possession of compromised files. The Pentagon will be closely examining potential fallout from the Leidos incident.