Attivo Networks Blogs

Pentagon data breach exposed 30,000 travel records

SC media logo

The U.S. Department of Defense suffered a data breach through a third-party vendor resulting in at least 30,000 service members and employees having some of their personal and payment card information compromised.

The Pentagon leadership was informed of the breach on October 4 that the unnamed vendor was compromised exposing the PII and credit card information of the military members and civilian workers, according to the Associated Press. The type of attack has not been released, but on source told The AP that no classified data was involved.

A Pentagon spokesman told The AP that the vendor in question is still under contract, but the DoD has taken steps to cut ties with the company.

Hackers target contractors because they are often thought of as the weakest link in the government supply chain,” Jake Olcott, Bitsight’s VP of Strategic Partnerships.

Pentagon and federal employees are no strangers to having their personal information exposed. In 2015 21.5 million current and former government employees were involved in the Office of Personnel Management data breach.

“The treasure trove of personally identifiable data on the Dark Web just continues to grow, enabling fraudsters and steal identities or create new, synthetic identities using a combination of real and made-up information, or entirely fictitious information. For example, the personal and credit card information obtained in the DoD breach could be cross-referenced with data obtained from the OPM breach and other widely publicized private sector breaches,” said Michael Magrath, OneSpan’s director, global regulations and standards.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

10 − 5 =

Ready to find out what’s lurking in your network?

Scroll to Top