Leidos, based in Virginia and a key contractor for the U.S. Department of Defense, is believed to have originated from a previously reported compromise of a Diligent Corp. system used by Leidos. This system hosted information gathered during internal investigations.
The company confirmed that the issue stemmed from a prior incident involving a third-party vendor, for which all necessary notifications were made in 2023. Leidos emphasized that its own network and any sensitive customer data were not affected by this breach. (Related: FOREIGN HACKERS target water infrastructure in Pennsylvania, prompting calls for increased cybersecurity.)
"This incident did not affect our network or any sensitive customer data," Leidos stated. The company is currently investigating the matter to determine the full extent of the leak and its potential implications.
A spokesperson for Diligent Corp. linked the issue to a 2022 incident affecting its subsidiary, Steele Compliance Solutions. Diligent had notified impacted customers and taken corrective measures to contain the incident in November 2022. The recent leak suggests that documents taken during this earlier breach are now being disseminated by hackers.
The exposure of these documents underscores the persistent challenges in safeguarding sensitive information, particularly for contractors handling critical government data. Leidos and Diligent Corp. are working closely to address the ramifications of this leak and enhance their cybersecurity protocols to prevent future incidents.
As cybersecurity threats continue to evolve, the need for robust security measures and vigilant monitoring becomes ever more critical, especially for organizations serving as key contractors to government agencies.
Cybercriminals use various tactics to exploit technology for financial gain. Here are the most common types of security incidents and how to prevent them:
Attackers gain unauthorized access using an authorized user's account. Preventive measures:
Attackers gain unauthorized access and then attempt to obtain higher privileges. Preventive measures:
Threats from employees, former employees, or third parties. Preventive measures:
Attackers impersonate reputable entities via email to distribute malicious code or links. Preventive measures:
Malware includes Trojans, worms, ransomware and spyware. Preventive measures:
Attackers flood systems with traffic to shut them down. Preventive measures:
Attackers intercept and alter communications between two parties. Preventive measures:
Attackers attempt to obtain passwords using various methods. Preventive measures:
Attackers exploit vulnerabilities in web applications. Preventive measures:
Understanding these security incidents and implementing preventive measures can significantly enhance your organization's cybersecurity.
Follow CyberWar.news for more stories about hackers stealing data from private and government-owned companies.
Watch this video that talks about someone predicting a cyberattack.
This video is from the Covid Times channel on Brighteon.com.
Cybersecurity official warns: Americans must prepare for CYBERATTACKS from Chinese hackers.
Hackers stole "nearly all" records of customer calls, texts from AT&T.
Sources include: