Booz Allen conducting 'full review' of data file hacking
Company believes attack was limited to learning management system for government agency
- By David Hubler
- Jul 13, 2011
Booz Allen Hamilton has confirmed that the posting of certain data files to the Internet on Tuesday was the result of an illegal attack.
“We are conducting a full review of the nature and extent of the attack," the company said in a statement released July 12. "At this time, we do not believe that the attack extended beyond data pertaining to a learning management system for a government agency."
“Our policy and security practice is generally not to comment on such matters; however, given the publicity about this event, we believe it is important to set out our preliminary understanding of the facts,” the company said.
“We are communicating with our clients and analyzing the nature of this attack and the data files affected. We maintain our commitment to protect our clients and our firm from illegal thefts of information,” the statement concluded.
The Anti Security hacking campaign said that it had broken into an unsecured Booz Allen server, copied about 90,000 military e-mails and password hashes, and made them available for downloading.
The announcement gave no details of how the group entered the system but said “We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty.”
Booz Allen Hamilton, of McLean, Va., ranks No. 9 on Washington Technology’s 2011 Top 100 list of the largest federal government contractors.
David Hubler is the former print managing editor for GCN and senior editor for Washington Technology. He is freelance writer living in Annandale, Va.