Hackers have leaked internal documents stolen from one of the largest IT services providers to the US government, Leidos Holdings.
Leidos Holdings recently learned of the hack, believing that the documents stolen were in a previously disclosed breach of a Diligent Corp. system it used, according to Bloomberg's sources, who asked not to be identified because the information isn't public. Leidos is reportedly investigating the issue now, the person added.
Now, the customers of Leidos are important: it includes the US Defense Department (DOD), the Department of Homeland Security (DHS), NASA, and other US and foreign agencies and commercial businesses. Leidos used the Diligent system to host information gathered from internal investigations, according to a June 2023 filing in Massachusetts.
Leidos hasn't responded to comments about the hack, and neither have the Pentagon, the Department of Homeland Security, or NASA. Bloomberg reviewed some of the leaked files that were purportedly from Leidos on a cybercrime forum, but "details were redacted and Bloomberg couldn't verify their authenticity".
- Read more: Cyber Polygon: worldwide drill right NOW for 'Cyber Pandemic'
- Read more: Microsoft blames global Crowdstrike meltdown on a deal made in 2009
- Read more: CrowdStrike announces a 'significant' number of the 8.5 million Windows PCs are recovered
- Read more: Windows Developer explains how CrowdStrike caused 8.5 million Windows PCs to blue screen
- Read more: Snowden reveals another NSA spy program: XKeyscore
- Read more: Julian Assange is FREE: released from maximum security prison, onto a flight back to Australia
Bloomberg reports that a Diligent spokesperson said the leak appears to be from a 2022 hack affecting its subsidiary business Steele Compliance Solutions, a company it acquired in 2021. Bloomberg adds that less than 15 customers, including Leidos, used the product at the time.
The Diligent spokesperson said: "We promptly notified impacted customers, including Leidos which Diligent initially notified in November 2022, and took immediate corrective action to contain the incident".
The leaked documents were reportedly stolen in part of two breaches of Diligent in 2022, according to findings, while the company itself was formed in 2013 and acquired Lockheed Martin's information technology business. It was the largest federal IT contractor in fiscal year 2022, with $3.98 billion in contract obligations, according to Bloomberg Government data.