Breach, Critical Infrastructure Security, Supply chain

US defense contractor Leidos’ data leaked

Share
Encryption your data. Digital Lock. Hacker attack and data breach. Big data with encrypted computer code. Safe your data. Cyber internet security and privacy concept. Database storage 3d illustration

Leidos Holdings, the IT services provider for the U.S. Department of Defense, the Department of Homeland Security, and NASA, has confirmed having internal data stolen from a third-party breach exposed by threat actors but emphasized that neither its network nor customer information was affected, according to BNN Bloomberg.

"We have confirmed that this stems from a previous incident affecting a third-party vendor for which all necessary notifications were made in 2023," noted a Leidos spokesperson. Such exposed information may have been exfiltrated from a compromised Diligent Corp. system leveraged by Leidos for internal investigation data hosting, noted a source close to the matter. Meanwhile, Diligent disclosed the incident, which has affected fewer than 15 clients, to be related to the breach of its subsidiary Steele Compliance Solutions two years ago. "We promptly notified impacted customers, including Leidos which Diligent initially notified in November 2022, and took immediate corrective action to contain the incident," said the Diligent spokesperson.

Related Terms

Attack Vector

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.