Federal News Radio reports that the personal information of approximately 80,000 employees of federal contractors may have been accessed when a hacker accessed research firm Deltek's GovWin IQ system.
The breach, which was discovered on March 13, 2014, exposed approximately 80,000 GovWin IQ user names and passwords. In about 25,000 cases, credit card information (including names, billing addresses, phone numbers, e-mail addresses, credit card numbers and expiration dates) may also have been exposed.
"Based on the evidence we have, we believe the cyber attack on Deltek's GovWin IQ Web site occurred sometime between July 3, 2013 and November 2, 2013. ... Deltek is cooperating with law enforcement's investigation into this matter, and I am pleased to report that the individual believed to be responsible has been arrested," Deltek president and CEO Michael Corkery wrote in the notification letter [PDF].
For the 25,000 people whose credit card information may have been accessed, Deltek is offering a one-year subscription to credit monitoring services from TransUnion.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"We have remedied the security vulnerability that we believe the hacker exploited in order to gain unauthorized access to our GovWin IQ system," Corkery wrote. "We have increased the overall security of GovWin IQ, including by reviewing and improving our data security procedures and changing our practices for handling personal information."
"We also have hired one of the nation's premier cyber security forensic firms to conduct a detailed investigation of this matter and to make recommendations for how we can minimize the chances that this will happen again in the future," Corkery added.