IE 11 is not supported. For an optimal experience visit our site on another browser.

Defense Department Now Requires Contractors to Report Security Breaches

The Department of Defense says contractors must now "rapidly report cyber incidents" involving some types of sensitive information.
Get more newsLiveonNBC News Now

The Department of Defense announced a mandate on Friday requiring contractors to "rapidly report cyber incidents" involving sensitive information.

The new rule comes months after a security breach at the Office of Personnel Management exposed the personal data of around 21.5 million people.

More than 100,000 companies that make up the DoD’s Defense Industrial Base will have to report breaches that "result in an actual or potentially adverse effect" on databases and information pertaining to DoD activities, according to a notice published Friday in the Federal Register. The development was first reported by The Hill.

Related: OPM Hack: Government Finally Starts Notifying 21.5 Million Victims

The agency also announced that it's expanding its voluntary information-sharing program so that contractors can more easily report security breaches that involve data outside of the scope of the new mandate.

Recently, Washington has expressed concern over security breaches that it says originate from China. A National Security Agency map obtained by NBC News in July showed more than 600 targets of alleged Chinese "cyber espionage" ranging from government offices to defense contractors such as Lockheed Martin. China has denied it engages in the cybertheft of U.S. corporate secrets.