Internal Documents from Pentagon and NASA IT Provider ‘Leidos’ Have Reportedly Leaked

Published on July 24, 2024
Written by:
Lore Apostol
Lore Apostol
Infosec Writer & Editor
Edited by:
Novak Bozovic
Novak Bozovic
Senior VPN Editor

IT services provider Leidos Holdings Inc. recently became aware of its internal documents being stolen and allegedly leaked by hackers on a cybercrime forum and started investigating the data breach, as per a Bloomberg News report. The Virginia-based company works with several U.S. government agencies, including the Department of Defense.

The IT giant says this security incident did not impact the company network and sensitive customer data. However, the types of leaked documents were not disclosed. Bloomberg reviewed some of the files in the sample provided by the hacker, but the documents’ authenticity could not be verified due to details being redacted.

Still, Leidos handles the Pentagon, the Department of Homeland Security, NASA, and other U.S. government agencies, and none have commented yet.

Leidos believes the private files were exfiltrated during a previously reported third-party vendor data breach in 2022. The security incident stemmed from a Diligent Corp. software vulnerability. All necessary notifications were made in 2023, with the company filing with the Attorney General of Montana.

Diligent is a third-party service provider to Leidos and hosts the company’s enterprise case management system (ECMS), which the company uses to store information gathered in internal investigations.

According to the filing, on November 11, 2022, Diligent notified Leidos that an unauthorized party had accessed confidential information provided to Leidos starting as early as September 2022. The incident affected Diligent subsidiary Steele Compliance Solutions.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: