On Wednesday, the United States Navy announced a hack had compromised one of its databases. The hackers entered the Navy’s network through an HP laptop from a contractor and got access to the personal information of over 134,000 Navy sailors.
The military branch hack comes as the latest security and data breach in the U.S. Other government bodies like the DNC and the former presidential candidate Hillary Clinton had also been the subjects of cyber attacks in past months.
The U.S. Navy gave little details about the incident, other than saying hackers may have collected names and social security numbers of the bluejackets. The investigation is ongoing, and there are no suspects yet.
How did the hackers breach the U.S. Navy network?
Hackers gained access to the Navy sailors’ data through a compromised laptop leased by Hewlett Packard Enterprise Services to the military body.
Back on October 27, HP notified the Navy the laptop was hacked, and the company even said who the user was.
“Unknown individuals” presumably breached the personal computer without being detected by the employee operating the device.
The Navy Times reports an official close to the matter said the breach targeted the Navy’s Career Waypoints database, a platform also known as C-WAY.
Inactive sailors use C-WAY to reenlist in the Navy, while those currently serving the military branch use it to submit requests to the Navy Occupational Specialty direction.
Data requirements for these system submissions include names, addresses, and social security numbers. The Navy said the cyber attack compromised the personal information of 134,386 active and inactive sailors.
How is the Navy dealing with the situation?
The Navy is currently carrying out a joint investigation with the Naval Criminal Investigative Service (NCIS) to determine the potential extent of the hack and what other sensitive information may have been collected.
The Navy said it would not neglect the affected seamen. The military institution is going to notify every single one of the 134,000 bluejackets about the incident by email, letters, and phone so that they can take the appropriate measures.
Security breach notification of #USNavy Sailors' personally identifiable information – https://t.co/4hIGW17qlk pic.twitter.com/yOJJlXyIXi
— U.S. Navy (@USNavy) November 23, 2016
Hewlett Packard Enterprise Services stated it held its client’s safety in high regard, and that it would not give any additional details since investigations are still ongoing.
The hackers hit the JackPot because that kind of information about active Navy Seals can sell for a lot on the black market. If the information falls into the wrong hands, it could put people’s live at risk.
Source: U.S. Navy