Last week, the Navy made a statement that sensitive personal information of 134,386 sailors was accessed and compromised. This includes the personal information of both current and former sailors.
Supposedly, this happened after a notebook from a contractor was breached. This incident highlights the importance of data security challenges agencies face, especially when working with contractors.
Robert Burke, the chief of naval personnel, stated that the Navy takes this incident extremely seriously. He added this is a matter of trust for their sailors. They are reported to be in the early stages of investigating.
The Navy is planning to notify all affected individuals in the weeks to come. This will be done through various means, such as letter, phone, and email. Currently, it is unknown who the perpetrators are, and no evidence suggests the stolen information has been misused in any way.
The circumstances of the breach remain a mystery as well. It is unknown whether the notebook was accessed through a weak firewall or if the notebook was not encrypted. The breach, however, plays a significant role in highlighting the importance of investing in data protection for all agencies and military branches.
According to Computer Weekly, the breach highlights the fact that federal IT departments rely on third parties to ensure security for endpoints used for accessing internal data and systems.
For the duration of the contract, agencies can give third party contractors secure hardware as well as trusted software images, however, that can prove to be quite costly. Another option is to offer limited access through remote desktop browser plugins.