Cyber Defense Advisors

Hacking gang leaks documents stolen from Pentagon IT provider

Graham CLULEY

July 29, 2024

Hackers have released internal documents stolen from one of America’s largest IT services providers, which counts various US government agencies, including the Department of Defense, amongst its customers.

Bloomberg reports that the leaked data, which belonged to Virginia-based Leidos Holdings, was seized by hackers during a previously-reported breach in 2022 of software-as-a-service firm Diligent.

The cybercriminal gang which has leaked the data is said to be the Russia-linked Trigona ransomware group, whose past victims have included Mexican telecoms company Claro.

In October 2023, hacktivists at the Ukrainian Cyber Alliance announced that they had managed to hijack Trigona’s leak site, seizing copies of the gang’s internal chats, data, and the website’s source code.

Unfortunately, and perhaps not surprisingly, the disruption to the cybercrime gang’s operations was only temporary.

The good news for The Pentagon (the US Department of Defense is Leidos’s biggest customer) is that the stolen information appears to mostly involve Leidos’s internal corporate data (such as internal reviews and investigations) rather than anything which might be considered militarily sensitive.

Other US government agencies which are no doubt issuing a sigh of relief will be NASA and the Department of Homeland Security.

“We have confirmed that this stems from a previous incident affecting a third-party vendor for which all necessary notifications were made in 2023,” a Leidos spokesperson was reported as saying. “This incident did not affect our network or any sensitive customer data.”

For its part, Diligent has told the press that the breach relates to a company that it acquired in 2021.

Diligent says that the data breach was related to Steele Compliance Solutions and occurred in 2022, and that it told impacted customers at the time about the incident and steps that should be taken.

Diligent appears to have notified Leidos on November 11, 2022 of the security incident which saw an unauthorised party access data that should have been kept secure.

“We take security very seriously and believe we have taken the necessary steps to ensure any acquired company meets the same standard that our clients expect in a Diligent product,” a Diligent spokesperson told The Register.

It is, of course, not good that data might have leaked online from a Pentagon IT supplier. But it’s a whole lot better than secret military documents being shared online for anybody to download.