Deltek suffers cyber attack putting 80,000 employees of vendors at risk

Wednesday - 4/9/2014, 5:42am EDT

About 80,000 employees of federal contractors are at risk of identity theft after a hacker broke into business research firm Deltek's GovWin IQ system.

In an email to vendors, which Federal News Radio obtained and was confirmed by Deltek, Mike Corkery, the company's president and CEO, said it discovered on March 13 it had suffered a cyber attack where a hacker obtained GovWin IQ usernames and passwords, and potentially the credit card information of about 25,000 of those 80,000 customers.

Deltek said the widespread cyber attack also affected a number of federal agencies and other companies.

"We take the security of our systems seriously," wrote Patrick Smith, Deltek's senior vice president of marketing, in an email response to questions from Federal News Radio. "After discovering the issue, we have worked around the clock to address the problem by taking careful and systematic measures to protect our customers. These include cooperating with law enforcement on this case, working with a leading cybersecurity firm to conduct an investigation into this matter and to make recommendations for how we can minimize the chances of this happening again, strengthening the security of our GovWin IQ solution in multiple ways, and notifying our customers."

Smith said for those 25,000 individuals whose credit cards may have been compromised, Deltek is offering a membership to TransUnion Monitoring at no charge.

Smith wouldn't offer any details on the vulnerability the hackers took advantage of to get into their system.

Corkery said in the email to vendors that law enforcement officials already have made an arrest in the case.

"It is important to note that we have received no indication that your GovWin IQ username and password were misused in any way," Corkery said in the email. "We have remedied the security vulnerability that we believe the hacker exploited in order to gain unauthorized access to our GovWin IQ system. We have increased the overall security of GovWin IQ, including by reviewing and improving our data security procedures and changing our practices for handling personal information."

Smith said in response to this specific situation, Deltek has strengthened its login and password processes and its overall cybersecurity profile.

Corkery said Deltek implemented improvements to the security of its GovWin IQ system Tuesday night, which requires users to change their usernames and passwords the next time they log onto the system. Going forward, he said customers will have to change their passwords every 90 days.

Deltek becomes the latest in a line of federal contractors who have suffered a cyber attack over the last several years. In 2011, Lockheed Martin, L-3 Communications and Northrop Grumman were victims of a cyber breach.

Federal agencies haven't fared well against hackers either — nearly every agency has fallen victim, including the FBI, the Defense Department, the Energy Department and many others.

The attack against Deltek, however, is the first one that has been made public against a company that directly serves federal contractors.

"If you previously used your GovWin IQ login and password to access any other network, financial account, email or social media account, we strongly recommend that you change those passwords immediately as well," Corkery said.

Deltek also set up an email address for users to submit questions: protect@deltek.com.

RELATED STORIES:

Cyber attack against TSP contractor exposes thousands of accounts

Energy ups number of employees at risk after cyber attack to 53,000

Scam targets GSA schedule holders using spoofed federal email addresses