The Defense Information Systems Agency, an arm of the U.S. Department of Defense that handles secure communications and IT for the president and others, confirmed that it experienced a data breach in the middle of 2019. The agency has revealed little about the incident.
According to a DISA Feb. 11 letter that was sent to individuals whose personal information “may have been compromised,” the breach occurred between May and July last year. The letter further stated that DISA has since improved its security measures and protocols and that potential victims of identity theft would receive free credit monitoring.
In an email to Government Technology, DoD spokesman Chuck Prichard didn’t reveal whether the breach involved more sensitive records than nonsensitive records, but he said the personally identifiable information “included names and Social Security numbers.”
Prichard said that while DoD and DISA take cybersecurity and breaches “very seriously,” they do not plan on revealing certain details about this incident.
“For operational security reasons, the department does not comment on the actions taken to mitigate risks or vulnerabilities,” he said.
In a news and career advice article for ClearanceJobs, a defense- and security-focused job networking site, former senior military strategist Steve Leonard said he received the DISA letter and was not satisfied with its message.