The Department of Defense announced a mandate on Friday requiring contractors to "rapidly report cyber incidents" involving sensitive information.
The new rule comes months after a security breach at the Office of Personnel Management exposed the personal data of around 21.5 million people.
More than 100,000 companies that make up the DoD’s Defense Industrial Base will have to report breaches that "result in an actual or potentially adverse effect" on databases and information pertaining to DoD activities, according to a notice published Friday in the Federal Register. The development was first reported by The Hill.
The agency also announced that it's expanding its voluntary information-sharing program so that contractors can more easily report security breaches that involve data outside of the scope of the new mandate.
Recently, Washington has expressed concern over security breaches that it says originate from China. A National Security Agency map obtained by NBC News in July showed more than 600 targets of alleged Chinese "cyber espionage" ranging from government offices to defense contractors such as Lockheed Martin. China has denied it engages in the cybertheft of U.S. corporate secrets.