The travel records for at least 30,000 personnel working for the Department of Defense have been exposed by a vendor used by the Pentagon, according to Pentagon spokesman Lt. Col. Joseph Buccino.
According to Buccino, “The department is continuing to gather additional information about the incident, which involves the potential compromise of personally identifiable information of DoD personnel maintained by a single commercial vendor that provided travel management services to the department. This vendor was performing a small percentage of the overall travel management services of DOD.”
The breach has affected 30,000 military and civilian personnel and relates to the disclosure of personal information as well as credit card information. The breach was first reported by the Associated Press.
The Pentagon first learned about the breach on October 4, but it’s possible the breach may have occurred many months earlier.
The Pentagon is declining to name the vendor that experienced the breach, due, it says, to security issues. They have begun notifying all the victims and providing identity theft monitoring services.
The Defense Department says it has begun directly notifying all breach victims. The department is offering victims prepaid identity theft monitoring services, the AP reports.