Pentagon Breach Raises Questions about Contractor Background Checks

By Michael Klazema on 10/30/2018

The Pentagon recently disclosed a significant data breach of Department of Defense records. Per a report from the Associated Press, the breach involved a Department of Defense contractor and exposed data from DoD travel records, including personal information and credit card numbers. It is estimated the breach affected some 30,000 people. The AP report notes those estimates could increase as the government continues to investigate the breach. Both “military and civilian personnel” were affected.

A cyber security team member notified Pentagon leaders about the breach on October 4. Since then, the government has been trying to ascertain the size of the hack and determine who was responsible for it. While those details remain unavailable, the Pentagon has indicated an unidentified Department of Defense contractor may be involved. The vendor was not identified for “security reasons.”

This incident isn’t the first time the federal government has indicated a third-party contractor is involved in a breach. In 2014, USIS, a contractor for the Office of Personnel Management (OPM), disclosed a breach that exposed personal information for 25,000 government employees. At the time, USIS was responsible for running most of the security clearance background checks for OPM. Shortly after that, OPM cut ties with USIS, and just months after that, OPM suffered its own massive breach, which compromised 21.5 million personnel records.

These issues, with USIS and with the unidentified vendor allegedly responsible for the recent Pentagon breach, beg the question of what strategies the federal government has in place for screening its contractors. The AP report raised questions about whether the Pentagon was adequately protecting its data and systems at all, regardless of the involvement of outside vendors. A federal report released a few weeks ago noted the Pentagon had been lax about updating security for military weapons programs, leaving them vulnerable to cyber breaches.

At, we offer a solution tailored to help businesses screen vendors, contractors, co-employed individuals, and other non-traditional personnel. Organizations often struggle with vetting these individuals or entities. Some aren’t sure where to start, while others wonder whether vendors or contractors require the same level of background check vigilance as full-time employees.

As the leak of DoD travel records shows, a vendor or contractor can hold significant responsibilities in the areas of privacy and data management. You are trusting the organizations or individuals with your company’s data, trade secrets, and other proprietary information. Running adequate background checks for contractors and vendors is just as important as it is for your full-time employees. Learn more about the importance of vendor and contractor background checks by reading our whitepaper on the subject.



Tag Cloud
Recent Posts

Latest News

  • November 20 The #MeToo movement is bringing about legislative changes employers need to know about. We review some of the laws recently passed in California.
  • November 15

    Replacing an inconsistent array of procedures, Ontario's government has passed into law a reform act intended to clarify how police departments should handle requests for information to be used in background checks. 

  • November 14 The federal government has vowed to cut its backlog of security clearance background checks in half by spring. Currently, the backlog is approximately 600,000 names strong.
  • November 08 A Texas-based company was found to be supplying landlords with inaccurate background check results, potentially affecting housing decisions. The company must pay a record-setting settlement.
  • November 07 Orange Leaf Frozen Yogurt brand trusts to perform the crucial function of background checks on job candidates before extending offers of employment.
  • November 06 The man previously responsible for running background checks on New York City’s school bus drivers says the city’s Department of Education has been pushing back against more thorough checks. The DOE reportedly circumnavigated proper bus driver vetting channels for most of the spring and summer this year.
  • November 06 If you have a series of speeding tickets or other traffic violations, do you need to disclose them as criminal history?
  • November 01 South Carolina's legislature recently adopted a measure to expand access to expungement opportunities for the state's ex-convicts, but other gaps in the process remain. Advocates disagree on how to address the problem to protect offenders as well as the public.
  • October 31 Background checks will show different things depending on the type of check. Here are a few ways employers can use background checks to learn about candidates.
  • October 30 The Pentagon recently disclosed a breach that exposed the personal information of roughly 30,000 personnel. The government blamed the breach on a contractor, calling into question background check policies for federal government vendors.