The U.S. Department of Defense (DoD) warned that a data breach at the Defense Information Systems Agency (DISA) might have compromised some individuals' personal information.
In a photograph of a letter obtained by Reuters, DISA CIO and Risk Management Executive Roger S. Greenwell warned recipients that a data breach might have compromised their personal details between May 2019 and July 2019. Greenwell said that this information might have included recipients' Social Security Numbers. The notification letter said that DISA had not found any evidence of anyone having misused recipients' personally identifiable information (PII). Even so, it said that it was bound by its own policy to notify potential victims of the incident. A DoD combat support entity, DISA provides direct telecommunications and IT support for the U.S. President, Vice President, Secret Service and other senior members of the armed services Greenwell went on to explain the steps that the agency had decided to take in order to protect individuals affected by the data breach:
We take this potential data compromise very seriously. As a result, we have put additional security measures in place to prevent future incidents and we are adopting new protocols to increase protection of all PII. In addition, DISA will provide free credit monitoring services at no cost to you. Information concerning credit monitoring, including how to sign up for the service, will follow in a separate letter.
While they wait for this other letter, individuals potentially affected by the data breach at DISA should consider taking some additional steps to protect themselves against identity thieves. For instance, they should consider placing a fraud alert or security freeze on their credit files at all three credit bureaus. They should also think about reviewing the strength of the passwords that protect their online accounts, and they should enable extra security measures such as multi-factor authentication (MFA) whenever a service offers them.