US Defence Agency takes action after security breach

US Defence Agency takes action after security breach

Defence Information Systems Agency (DISA), have sent a urgent warning out to its users that their personal information could have been compromised after a serious data breach which is believed to have taken place in the months of May and July 2019.

DISA, who also send out secure communications for the White House, triggered their security alarm after receiving a letter from the CIO Roger Greenwell last week, notifying that details including Social Security numbers may have been breached on one of DISA's systems. Despite their being no sufficient evidence of the apparent breach, DISA still plan to let their users know that their personal data (PII) could have fallen into the wrong hands.

As well as working for the White House, DISA also provide IT support to the US Secret Service, Joint Chiefs of Staff and others. DISA is now providing free credit monitoring to those whose data might be comprised. It has now put in place extra security methods “to prevent future incidents,” as well as adopting “new protocols” to improve protection of PII.

Chris Morales, head of security analytics at Vectra, has said awareness of breaches like this needs to be improved for any future threats.“It is an unfortunate situation and another in a long list of breaches as we head into 2020. Organisations need to get better at how long it takes to be aware of a compromise and how quickly they can respond. Visibility into how systems are used is key.”

Reports have indicated that around 200,000 users could be affected. These could range from DISA employees to users that rely on DISA services. Despite these reports on the current threat towards DISA, the two key questions that still have not been answered are:  who exactly carried this out; and even more importantly why?

Copyright Lyonsdown Limited 2021

Top Articles

It’s time to upgrade the supply chain attack rule book

How can infosec professionals critically reassess how they detect and quickly prevent inevitable supply chain attacks?

Driving eCommerce growth across Africa

Fraud prevention company Forter has partnered with payments technology provider Flutterwave to drive eCommerce growth across Africa and beyond.

Over 500,000 Huawei phones found infected with Joker malware

The Joker malware infiltrated over 500,000 Huawei phones via ten apps using which the malware communicates with a command and control server.

Related Articles