Threat Actor: Cybercriminals | Cybercriminals
Victim: Leidos Holdings Inc. | Leidos Holdings Inc.
Price: N/A
Exfiltrated Data Type: Internal documents
Key Points :
- Leidos is a major IT service provider for the U.S. government, including clients like the Pentagon and NASA.
- The data leak is linked to a breach of Diligent Corp.’s system, which stored sensitive data for Leidos.
- Leidos shares dropped over 4% in after-hours trading following the leak news.
- The leak relates to a 2022 breach of Steele Compliance Solutions, a Diligent subsidiary.
- Leidos confirmed that the incident did not affect their network or confidential client data.
- In the 2022 fiscal year, Leidos became the largest federal IT contractor in the U.S. with nearly $4 billion in contracts.
Cybercriminals have leaked internal documents stolen from Leidos Holdings Inc., one of the largest IT service providers for the U.S. government, Bloomberg reports.
According to a source familiar with the situation, Leidos recently became aware of the issue and believes the documents were stolen as a result of a previously disclosed breach of Diligent Corp.’s system, which it used to store data collected during internal investigations.
Following the news of the data leak, the company’s shares dropped more than 4% in after-hours trading, though they later partially recovered. Leidos counts among its clients agencies such as the Department of Defense (Pentagon), the Department of Homeland Security, and NASA, as well as other government and commercial organizations in the U.S. and abroad.
A representative for Leidos confirmed that the incident is related to the previously known breach affecting a third-party provider. This incident did not impact our network or any confidential client data, the representative noted. The Pentagon, the Department of Homeland Security, and NASA declined to comment.
A Diligent spokesperson stated that the leak is likely connected to a 2022 breach affecting its subsidiary, Steele Compliance Solutions, acquired in 2021. At that time, fewer than 15 clients, including Leidos, used the product. “We promptly informed affected clients, including Leidos, which was notified in November 2022, and took immediate action to address the incident,” the spokesperson added.
Leidos was founded in 2013 and announced a business merger with Lockheed Martin Corp. in 2016. In the 2022 fiscal year, Leidos became the largest federal IT contractor in the U.S., with contract obligations totaling nearly $4 billion.
Related Posts:
Original Source: https://securityonline.info/hackers-leak-sensitive-documents-from-major-pentagon-it-contractor-leidos/