Data pilfered from Pentagon IT supplier Leidos

With numerous US government agency customers, any leak could be serious


Updated: Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked on the dark web.

The Leidos files that have made their way into the wild are claimed not to hold any "sensitive customer data," but the incident highlights the need for greater security awareness.

The documents are believed to have been stolen in a previously disclosed attack and data theft at Diligent Corporation, a provider of governance software. Leidos, which is a Diligent customer, is said to have only recently learned that the documents were currently being circulated, although the original attack happened in 2022, according to a Bloomberg report citing an anonymous source.

A spokesperson for Leidos told The Register that the documents now leaked online were swiped during an earlier incident "affecting a third-party vendor" and that all necessary data breach notifications had been sent out in 2023. The theft did not involve any sensitive customer data, the spokesperson insisted.

We understand the pilfered info mostly concerns internal Leidos corporate data, such as reviews of employee issues and complaints, rather than anything militarily sensitive.

Leidos merged with Lockheed Martin's Information Systems & Global Solutions (IS&GS) business in 2016 to form one of the defense industry's largest IT services providers. As well as the Department of Defense, it provides services for the Department of Homeland Security, NASA, and other US government agencies, making any leak of internal information potentially serious.

According to Bloomberg, Leidos was using the Diligent service to hold "information gathered in internal investigations," but it is not clear exactly what kind of information this might be. The news agency claims it was able to view the documents that cyber-criminals claimed originated from Leidos on a "cybercrime forum."

Suffice to say, claims by data thieves on the internet should always be treated skeptically: Boasts about info being stolen and leaked from a military IT supplier can boil down to the – of course, unfortunate – dumping of contractor employee records online as opposed to Uncle Sam's top secrets.

We asked the US Department of Defense for comment on the matter.

Leidos is also likely to face greater scrutiny from its customers as it weighs up any potential damage and looks to prevent any such future incidents.

The company, which is headquartered in Reston, Virginia, has a workforce of about 47,000 employees and primarily serves customers in heavily regulated industries. Leidos reported revenue of $15.4 billion for its fiscal year ended December 29, 2023.

Leidos announced earlier this month that it has won a contract to continue providing cargo mission engineering and integration services for NASA's International Space Station (ISS) Program and Artemis campaign, said to be worth $476 million. ®

Updated to add at 1533 UTC on July 24

A Diligent spokesperson told The Register: "This matter appears to concern an incident that took place in 2022 affecting Steele Compliance Solutions, an entity Diligent acquired in 2021. In November 2022, upon identification of the incident, we promptly notified impacted customers and took immediate corrective action to contain the incident. This incident did not impact Diligent Boards or any of our other products.

"We take security very seriously and believe we have taken the necessary steps to ensure any acquired company meets the same standard that our clients expect in a Diligent product."
