FORT MEADE, Maryland (NBC News) – The branch of the U.S. military that oversees information technology and communications has suffered a potential breach of service members’ personal information, the branch said in letters sent to victims this month.
The letters, dated Feb. 11, told recipients that last May and June, “some of your personal information, including your Social Security number, may have been compromised in a data breach on a system hosted by the Defense Information Systems Agency.”
The Department of Defense said about 200,000 people could potentially be affected by the breach, all of whom have affiliation with the agency. The breach was disclosed through a routine security check and has since been fixed, said Chuck Prichard, a DOD spokesman. He said there was no indication any personal information was misused.
The letters sent to service members do not provide further details about what happened. Three retired veterans who received the notice said they had no idea of the scope of the breach.
“I’m an Army vet and government contractor so my info is in a lot of systems maintained by DISA,” Andy Piazza, who also posted his copy of the letter to Twitter, said in an online chat. “No idea the system nor the scale.”
“I have no idea what breach this is associated with,” said Brett Williams, a retired Air Force general and former director of operations at U.S. Cyber Command, who posted his letter to LinkedIn and spoke with NBC News through the platform. “Just thought it was interesting to post to demonstrate the lame approach so many people take to handling successful cyber attacks. Hopefully, no ‘for profit’ company would think this is an acceptable response.”
DISA’s letter raised fears of echoing the 2015 breach of the Office of Personnel Management, where hackers, who the U.S. government believes worked for Chinese intelligence, stole files on an estimated 21.5 million people who had applied for government jobs.