Security Experts:

Connect with us

Hi, what are you looking for?


Data Protection

U.S. Navy Warns 130,000 Sailors of Data Breach

The U.S. Navy has launched an investigation into a data breach involving the personal information of more than 130,000 current and former sailors.

The U.S. Navy has launched an investigation into a data breach involving the personal information of more than 130,000 current and former sailors.

The organization was informed by Hewlett Packard Enterprise Services on October 27 that the laptop of an employee supporting a Navy contract had been “compromised.” An investigation revealed that the device contained the personal details, including names and social security numbers (SSNs), of 134,386 current and former sailors.

Affected individuals will be notified in the upcoming weeks via phone, email and letters. While there is no evidence that the compromised information has been misused, the Navy says it’s looking into credit monitoring service options for impacted sailors.

“The Navy takes this incident extremely seriously- this is a matter of trust for our Sailors,” stated Chief of Naval Personnel Vice Admiral Robert Burke. “We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach.”

While the Navy has not shared any details about the breach and what “compromised” means, Reuters reported that the laptop in question was hacked. The Navy Times learned from an unnamed official familiar with the investigation that the exposed data came from the Career Navigator (C-NAV) database.

HPE has declined to comment, citing an ongoing investigation. The company and its Next Generation Enterprise Network (NGEN) partners secured a 5-year contract with the Navy in 2013. When announced, the contract was valued at roughly $3.45 billion and it covered IT services and support for 800,000 sailors, marines and civilians in the U.S., Hawaii and Japan.

Several data breaches affecting the Navy were disclosed in the past decade, including cyberattacks and incidents involving stolen laptops. In 2012, Iran-linked hackers gained access to the Navy’s unclassified Navy Marine Corps Intranet and it took the organization nearly four months to clean up the compromised machines.

Related Reading: Sofacy Threat Group Targets US Government

Related Reading: U.S. Government Targeted With GovRAT 2.0 Malware

Related Reading: Iran-Linked Attackers Target Government Organizations

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

CommandK announced that it has raised $3 million in a seed funding round for a solution designed to help organizations secure sensitive data.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...