IE 11 is not supported. For an optimal experience visit our site on another browser.

Likely military data breach may have compromised service members' personal information

The Defense Department said about 200,000 people could have been affected, but there was no indication anyone's data was misused.
Image: FILE PHOTO: The National Security Agency is seen at Fort Meade in Maryland
A building at Fort Meade, Maryland, where the Defense Information Systems Agency is headquartered, on Sept. 19, 2007.Jason Reed / Reuters file
By Kevin Collier and Mosheh Gains

The agency of the U.S. military that oversees information technology and communications has suffered a potential breach of service members' personal information, it said in letters sent to victims this month.

The letters, dated Feb. 11, told recipients that last May and June, "some of your personal information, including your Social Security number, may have been compromised in a data breach on a system hosted by the Defense Information Systems Agency," or DISA.

The Defense Department said about 200,000 people could be affected by the breach, all of whom have affiliation with the agency. The breach was disclosed through a routine security check and has since been fixed, said Chuck Prichard, a Pentagon spokesman. He said there was no indication that any personal information was misused.

The letters sent to service members do not provide further details about what happened. Three retired veterans who received the notice said they had no idea of the scope of the breach.

"I'm an Army vet and government contractor so my info is in a lot of systems maintained by DISA," Andy Piazza, who also posted his copy of the letter to Twitter, said in an online chat. "No idea the system nor the scale."

"I have no idea what breach this is associated with," said retired Air Force Gen. Brett Williams, former director of operations at U.S. Cyber Command, who posted his letter to LinkedIn and spoke with NBC News through the platform.

"Just thought it was interesting to post to demonstrate the lame approach so many people take to handling successful cyber attacks," Williams said. "Hopefully no 'for profit' company would think this is an acceptable response."

DISA's letter raised fears of echoing the 2015 breach of the Office of Personnel Management, where hackers who the U.S. government believes worked for Chinese intelligence stole files on an estimated 21.5 million people who had applied for government jobs.

Download the NBC News app for breaking news and politics

Phil Waldron, a retired Army veteran who also received a letter, said DISA holds sensitive information about service members.

"DISA is the hub of everything communications, so it's huge," Waldron said via a messaging app. "Everybody's unclassified email runs through DISA."

Kevin Collier

Kevin Collier is a reporter covering cybersecurity, privacy and technology policy for NBC News.

Mosheh Gains

Mosheh Gains is a Pentagon producer for NBC News.