Hackers leak sensitive information from one of U.S. government's largest IT service providers
By richardbrown // 2024-07-31
 
Hackers have leaked internal documents from Leidos Holdings Inc., exposing sensitive information from one of the largest IT services providers to the U.S. government. Leidos, based in Virginia, is a key contractor for the U.S. Department of Defense. The leak is believed to have originated from a previously reported compromise of a Diligent Corp. system used by Leidos. This system hosted information gathered during internal investigations.

The company confirmed that the issue stemmed from a prior incident involving a third-party vendor, for which all necessary notifications were made in 2023. Leidos emphasized that its own network and any sensitive customer data were not affected by this breach.

"This incident did not affect our network or any sensitive customer data," Leidos stated. The company is currently investigating the matter to determine the full extent of the leak and its potential implications.

A spokesperson for Diligent Corp. linked the issue to a 2022 incident affecting its subsidiary, Steele Compliance Solutions. Diligent had notified impacted customers and taken corrective measures to contain the incident in November 2022. The recent leak suggests that documents taken during this earlier breach are now being disseminated by hackers.

The exposure of these documents underscores the persistent challenges in safeguarding sensitive information, particularly for contractors handling critical government data. Leidos and Diligent Corp. are working closely to address the ramifications of this leak and enhance their cybersecurity protocols to prevent future incidents. As cybersecurity threats continue to evolve, the need for robust security measures and vigilant monitoring becomes ever more critical, especially for organizations serving as key contractors to government agencies.

Common types of security incidents

Cybercriminals use various tactics to exploit technology for financial gain. Here are the most common types of security incidents and how to prevent them:

Unauthorized access attacks

Attackers gain unauthorized access using an authorized user's account. Preventive measures:
  • Multi-Factor Authentication (MFA): Require additional verification after username and password entry.
  • Data Encryption: Encrypt sensitive data at rest and in transit.

Privilege escalation attacks

Attackers gain unauthorized access and then attempt to obtain higher privileges. Preventive measures:
  • Vulnerability Assessments: Regularly assess and fix security vulnerabilities.
  • Principle of Least Privilege: Limit user access to the minimum necessary permissions.
  • Security Monitoring Tools: Collect and analyze potential security threats.

Insider threat attacks

Threats from employees, former employees, or third parties. Preventive measures:
  • Spyware and Antivirus Programs: Implement robust scanning and firewalls.
  • Security Awareness Training: Train all users on security best practices.
  • Employee Monitoring Software: Identify and mitigate risks from insiders.
  • Data Loss Prevention Policy: Clearly communicate data handling expectations.

Phishing attacks

Attackers impersonate reputable entities via email to distribute malicious code or links. Preventive measures:
  • Gateway Email Filters: Trap phishing emails.
  • User Education: Train users to identify phishing attempts.

Malware attacks

Malware includes Trojans, worms, ransomware and spyware. Preventive measures:
  • Antivirus Tools: Install antivirus software for real-time protection and routine scans.
  • Monitoring Unusual Activity: Be alert for signs of malware.

Distributed denial-of-service (DDoS) attacks

Attackers flood systems with traffic to shut them down. Preventive measures:
  • System Reboot: Reboot to resolve the attack.
  • Firewall and Router Configuration: Block unwanted traffic and update security patches.

Man-in-the-middle (MitM) attacks

Attackers intercept and alter communications between two parties. Preventive measures:
  • Encryption Protocols: Implement TLS or SSH.
  • Education on Public Wi-Fi: Inform employees about the risks and encourage VPN use.

Password attacks

Attackers attempt to obtain passwords using various methods. Preventive measures:
  • Multi-Factor Authentication: Require MFA for all logins.
  • Strong Password Policies: Enforce the use of strong, unique passwords.

Web application attacks

Attackers exploit vulnerabilities in web applications. Preventive measures:
  • Code Review: Conduct thorough code reviews.
  • Bot Detection: Prevent bots from accessing data.
  • Web Application Firewall: Monitor and block potential attacks.

Understanding these security incidents and implementing preventive measures can significantly enhance your organization's cybersecurity.