Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos

by do son · July 26, 2024

Cybercriminals have leaked internal documents stolen from Leidos Holdings Inc., one of the largest IT service providers for the U.S. government, Bloomberg reports.

According to a source familiar with the situation, Leidos recently became aware of the issue and believes the documents were stolen as a result of a previously disclosed breach of Diligent Corp.’s system, which it used to store data collected during internal investigations.

Following the news of the data leak, the company’s shares dropped more than 4% in after-hours trading, though they later partially recovered. Leidos counts among its clients agencies such as the Department of Defense (Pentagon), the Department of Homeland Security, and NASA, as well as other government and commercial organizations in the U.S. and abroad.

A representative for Leidos confirmed that the incident is related to the previously known breach affecting a third-party provider. This incident did not impact our network or any confidential client data, the representative noted. The Pentagon, the Department of Homeland Security, and NASA declined to comment.

A Diligent spokesperson stated that the leak is likely connected to a 2022 breach affecting its subsidiary, Steele Compliance Solutions, acquired in 2021. At that time, fewer than 15 clients, including Leidos, used the product. “We promptly informed affected clients, including Leidos, which was notified in November 2022, and took immediate action to address the incident,” the spokesperson added.

Leidos was founded in 2013 and announced a business merger with Lockheed Martin Corp. in 2016. In the 2022 fiscal year, Leidos became the largest federal IT contractor in the U.S., with contract obligations totaling nearly $4 billion.