25 July 2024, Kathmandu
Learn about the Leidos cyber breach linked to Diligent Corp., which exposed sensitive documents online and sparked significant security concerns.
Leidos Breach Hackers Leak Documents
Hackers Leak Documents From Pentagon IT Services Provider Leidos
Threat actors have breached the systems of Leidos Holdings, a key contractor for the US government, leaking internal documents online, according to a report by Bloomberg News. This incident is believed to be linked to a previously reported breach of a system from Diligent Corp that Leidos utilized.
Investigation Underway
Leidos, based in Virginia, recently became aware of the breach and is actively investigating it, according to anonymous sources cited in the report.
The company used Diligent’s system to store information from internal investigations, which was revealed in a June 2023 filing in Massachusetts.
Company Statement
“This incident did not affect our network or any sensitive customer data,” Leidos stated in the report.
High-Profile Client Concerns
Leidos’ client roster includes high-profile organizations such as the US Department of Defense (DOD), the Department of Homeland Security (DHS), NASA, and various other US and international agencies, along with commercial enterprises. The leak has sparked significant concerns due to the sensitive nature of the information involved.
Leaked Files and Source of Breach
The report reviewed some of the leaked files posted on a cybercrime forum but could not confirm their authenticity as the details were redacted.
A spokesperson for Diligent noted that the leak seems to originate from a 2022 hack that affected its subsidiary Steele Compliance Solutions, acquired in 2021. The spokesperson mentioned that fewer than 15 customers, including Leidos, were using the compromised product at the time. “We promptly notified impacted customers, including Leidos, in November 2022, and took immediate corrective action to contain the incident,” the report quoted the spokesperson.
History of the Breach
The 2022 breach of Diligent reportedly involved two separate incidents, now resulting in the exposure of sensitive documents from Leidos. This situation highlights the persistent challenges and risks faced by major IT service providers in protecting critical information.
Leidos’ Background and Recent Contracts
Leidos, established in 2013 after acquiring Lockheed Martin’s information technology business, was the largest federal IT contractor in fiscal year 2022, with $3.98 billion in contract obligations. The company has a workforce of around 47,000 employees and primarily serves customers in heavily regulated industries. Leidos reported revenue of $15.4 billion for its fiscal year ended December 29, 2023.
Earlier this month, Leidos secured a $476 million contract from NASA to provide cargo mission engineering and integration services for the International Space Station (ISS) Program and the Artemis campaign. Additionally, it was awarded a $738 million follow-on contract from the US Air Force to provide enterprise IT and telecommunications support, including cybersecurity, to Headquarters Air Force, Headquarters Space Force, Air Force District of Washington, and other Department of the Air Force activities and missions in the national capital region.
For more: Leidos Breach Hackers Leak Documents
