Pentagon IT services firm hacked and documents leaked

Hackers have managed to gain access to and steal documents from Leidos, a firm which provides IT services to a number of US government bodies including the Pentagon.

A Bloomberg report  the company stating the stolen documents were taken as part of a breach of a Diligent Corp. system the company was using for information hosting in internal investigations, Leidos stated in a report on the breach.

It added the breach was the result of a previous issue in 2023 that affected a third-party vendor, with a company spokesperson saying, “We have confirmed that this stems from a previous incident affecting a third-party vendor for which all necessary notifications were made in 2023. This incident did not affect our network or any sensitive customer data.”

Another third-party supply chain issue

Leidos Holdings states that the breach was the result of a previous issue in 2023 that affected a third-party vendor, with a company spokesperson saying that “We have confirmed that this stems from a previous incident affecting a third-party vendor for which all necessary notifications were made in 2023. This incident did not affect our network or any sensitive customer data.”

A Diligent Corp. spokesperson also responded to the breach, stating that it was related to an incident that occurred in 2022, which affected Diligent subsidiary Steele Compliance Solutions. The spokesperson stated that “We promptly notified impacted customers, including Leidos which Diligent initially notified in November 2022, and took immediate corrective action to contain the incident.”

Bloomberg News was unable to verify the authenticity of the documents leaked online, and stated that details on the stolen documents were redacted. Other customers of Leidos include NASA and the US Department of Defense, among a range of US and foreign agencies.

The Pentagon was recently hit by security worries after a number of high ranking government officials had their Microsoft hosted emails leaked by a Chinese threat actor, with as many as 20,000 affected by the breach. 

More from TechRadar Pro

• Take a look at our guide to the best identity theft protection
• Despite hack and senate complaints, Pentagon says it will continue Microsoft usage
• These are the best VPNs with antivirus around today

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focussing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.