Defense contracting agency investigating possible breach

The federal agency responsible for managing the Defense Department’s (DOD) outside contracts is investigating a possible breach, security news blog KrebsOnSecurity reported.

As of Wednesday morning, the website for the Defense Contract Management Agency (DCMA) was down. A message posted to the homepage says, “Corrective Action in Progress.”

{mosads}DCMA told KrebsOnSecurity that the page had been pulled after the agency discovered suspicious activity on its server Jan. 28.

In a statement, the agency said it so far had no information that any personal data had been breached from the DCMA or DOD servers.

DOD personnel are “working with DCMA to enhance network security,” DMCA spokesman David Wray said. “DCMA’s website has been intentionally taken offline while the team investigates the activity. All other network operations have proceeded as normal.”

While Wray downplayed the issue, DCMA employees told KrebsOnSecurity the agency was having “major system issues.”

“We have been told it was due to issues with unscheduled maintenance, but the regular emails from [DCMA higher-ups] seem to indicate a larger, unspoken problem,” a DCMA staffer said.

Several workers suggested the infiltration had affected the software used by teleworking employees to review the DOD’s contracts with outside vendors.

Federal agencies and their contractors are a frequent target for foreign hackers.

Last fall, suspected Chinese state-sponsored hackers breached the government’s main security clearance contractor, exposing at least 25,000 Department of Homeland Security (DHS) employees’ records.

That attack followed an earlier incident in which its thought Chinese hackers breached the Office of Personnel Management (OPM), targeting the files of tens of thousands of employees with top-secret clearances.