Hackers have leaked internal documents stolen from Leidos Holdings Inc., one of the largest IT service providers to the Pentagon, Department of Homeland Security, NASA, and other U.S. government agencies. The breach, reported by Bloomberg News, underscores the persistent vulnerabilities in cybersecurity even among major defense contractors.
The leaked documents were reportedly taken during a previously disclosed breach of a system operated by Diligent Corporation, a third-party vendor utilized by Leidos. According to the Bloomberg report, Leidos recently became aware of the issue and is actively investigating the incident.
A spokesperson from Leidos confirmed, “This incident did not affect our network or any sensitive customer data.”
The breach is traced back to an incident involving Diligent’s subsidiary, Steele Compliance Solutions, in 2022. Diligent had addressed the breach by notifying affected customers and implementing corrective measures in November 2022. A representative from Diligent reiterated this timeline, indicating that the problem has its roots in past vulnerabilities.
Leidos, based in Virginia, counts the U.S. Department of Defense as its primary customer. The company utilized Diligent’s system to store information gathered during internal investigations. Despite the breach, Leidos has emphasized that its own network and sensitive customer data remain uncompromised.
The leaked documents’ exact content and potential impact are not yet clear. However, the breach raises significant concerns about the security of information handled by contractors who serve critical government agencies.
Leidos has confirmed that necessary notifications regarding the third-party incident were made in 2023. The company is now focused on investigating the extent of the leak and mitigating any potential fallout. “We are taking this matter very seriously and are committed to ensuring the security of our data and the data of our clients,” said a Leidos representative.
Information for this story was found via Reuters and the sources and companies mentioned. The author has no securities or affiliations related to the organizations discussed. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.
