NextGov: THIRD-PARTY SOFTWARE WAS ENTRY POINT FOR BACKGROUND-CHECK SYSTEM HACK

USIS hacked to open personal records on federal employees and contractors with access to classified intelligence

Hackers broke into third-party software in 2013 to open personal records on federal employees and contractors with access to classified intelligence, according to the government’s largest private employee investigation provider.

That software apparently was an SAP enterprise resource planning application. It’s unclear if there was a fix available for the program flaw at the time of the attack. It’s also not clear whether SAP—which was responsible for maintaining the application—or USIS would have been responsible for patching the flaw.

>> Full Story

Advertisements