The Pentagon still has to grapple with data security woes despite efforts to harden its sites and networks. Defense Department officials have revealed that a travel record data breach at an unnamed contractor exposed the personal info of military and civilian staffers, including credit cards. An AP source said that this didn't compromise classified material, but it affected "as many as" 30,000 workers. There's a chance that number might get larger, according to the source.
It's not certain when the intrusion took place. Department staff warned leaders on October 4th after discovering the breach, but it might have taken place earlier and gone unnoticed. The organization is contacting affected individuals in the days ahead and promises fraud protection services.
The timing is... less than ideal. The Government Accountability Office only just issued a report saying that the Defense Department had made progress on securing its networks, but was falling short in protecting weapon systems. Clearly, there's work to be done beyond that, even if the scale isn't as large as some high-profile government hacks. Institutions are only as secure as the vendors they use, and a flaw at one partner can have far-reaching repercussions.