Hackers steal info on 200,000 Navy personnel (update 2)
Navy Times reports:
The private information of more than 200,000 current and former Navy personnel was compromised in June when hackers broke into the Navy’s Smart Web Move Internet site, an application used to arrange household moves on official orders that was subsequently suspended, Naval Supply Systems Command confirmed Wednesday.
The compromised database stored 11 years of private information, but officials said there is only evidence that the personal data for 20 people was posted online.
The rest of their story is behind a paywall on Navy Times.
The Hacker News reports that the hack was by “digital-corruption” and a partial data dump revealed usernames, email addresses, and “Security Questions – Answers of all users.” The paste has been removed from Pastebin, so I could not confirm that.
Update: see comment from Adam, below, indicating that this claimed hack had been claimed and disclosed previously by other hackers.
Update 2: The mainstream media have picked up the story.Mike Hixenbaugh of The Virginian-Pilot reports:
Compromised information includes full names, social security numbers, home addresses, personal email addresses, user names and answers to online security questions, John Goodhart, deputy head of Naval Supply Systems Command, wrote in an Aug. 29 letter to affected personnel.
The Smart Web Move site was taken permanently offline on June 25 after the Navy learned of the breach, Dortch said. The site had been previously scheduled to go offline this month in lieu of another system.