Personal data for more than 130,000 sailors stolen, admits US Navy

An investigation into the breach is ongoing

Click to follow
The Independent US

The US Navy is investigating the theft of data belonging to more than 130,000 sailors seeking re-inlistment in the service.

Officials revealed this week that the information was stolen from a contractor’s laptop. 

The Navy Times said the military was notified in October by Hewlett Packard Enterprise Services that a computer supporting a Navy contract was “compromised” and that the names and social security numbers of 134,386 current and former sailors were accessed by unknown persons.

The Naval Criminal Investigative Service is in the early stages of investigating the breach, but said it had not found any malicious use of the data yet, the newspaper said.

“The Navy takes this incident extremely seriously - this is a matter of trust for our Sailors,“ Navy personnel boss Vice Adm Robert Burke said in a statement released on Wednesday. 

“We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach."

The paper said an official familiar with the investigation said the personal data came from the Career Waypoints database, known as C-WAY, which sailors use to submit re-enlistment and Navy Occupational Specialty requests. The US Navy has about 430,000 sailors on active duty or in ready reserve.

The Navy will be notifying the affected sailors by phone, email and by mail and it is looking into credit monitoring services for them. 

This is at least the second major breach of Navy data linked to its contracting activities with Hewlett Packard, the paper said. 

In 2013, the service announced that Iran had penetrated its unclassified Navy and Marine Corps Intranet. In March 2014, the Wall Street Journal reported that the breach was due to a sloppily written contract with Hewlett Packard that did not need P to provide security for some of the Navy’s unclassified databases. 

A spokesman for Hewlett Packard Enterprise Services, said: “This event has been reported to the Navy and because this is an ongoing investigation, HPE will not be commenting further out of respect for the privacy of our Navy personnel.”

Comments