Navy purchase cards hacked

Defense Department officials said last week that hack attacks compromised about 13,000 Navy purchase cards.

In response, the Navy canceled all purchase card accounts, totalling about 22,000, to minimize unauthorized purchases, according to a statement released by the DOD Purchase Card Management Office.

"Vendors who accept the purchase card and do business with the Navy should be aware that all card accounts have been cancelled and that Citibank is working quickly to re-establish new accounts and cards," the statement read. "In the meantime, emergency purchases are being handled on a case-by- case basis to fully support Navy requirements."

DOD has designated a team to investigate how the hack occurred and what needs to be done to ensure that it does not happen again. A Defense Criminal Investigative team is also working on the investigation.

DOD spokesman Glenn Flood said the department does not know how the hackers accessed the numbers or if any money was spent before the theft was realized. An official familiar with the investigation said none of the compromised cards were used, because DOD criminal investigators would have instantly known of the attempt and been able to catch the perpetrator. The official would not say how the hack was discovered.

The credit cards tap directly into a Navy account with Citibank and are designed to accommodate purchases up to $2,500.

Karen Meloy, deputy commander of the Navy e-Business Operations Office, said the decision to cancel the 22,000 cards was made because of the large number of cards that may have been compromised.

"I decided to cancel all the compromised accounts once we heard the volume [of] compromised cards," Meloy said. "All compromised accounts have been reissued, and we are consistently monitoring reactivation."

Steve Kelman, a professor of public management at Harvard University's Kennedy School and former administrator of the Office of Federal Procurement Policy during the Clinton administration, said replacing the cards quickly needs to be the department's top priority.

"Obviously, just as if an individual's card was stolen, DOD or the Navy needs to get new numbers or cards out for those whose cards were compromised," Kelman said. "Hopefully, this can happen very quickly because credit cards are very valuable to the federal procurement process and it would be a problem if these cards were not available for a significant amount of time."

The purchase cards have been fraught with problems for years. The General Accounting Office has called controls over the Navy's purchase card program particularly weak.

DOD has long dealt with myriad unauthorized purchases, from prostitutes' services to plastic surgery, motorcycles to music concerts.

During the past few years, DOD has reduced the number of purchase cards issued to its uniformed and civilian employees to reduce the total risk of fraud or abuse.

DOD issues travel cards that are designed to cover expenses while traveling on official business and must be repaid by the cardholder.

The Fed 100

Read the profiles of all this year's winners.

Featured

  • Shutterstock image (by wk1003mike): cloud system fracture.

    Does the IRS have a cloud strategy?

    Congress and watchdog agencies have dinged the IRS for lacking an enterprise cloud strategy seven years after it became the official policy of the U.S. government.

  • Shutterstock image: illuminated connections between devices.

    Who won what in EIS

    The General Services Administration posted detailed data on how the $50 billion Enterprise Infrastructure Solutions contract might be divvied up.

  • Wikimedia Image: U.S. Cyber Command logo.

    Trump elevates CyberCom to combatant command status

    The White House announced a long-planned move to elevate Cyber Command to the status of a full combatant command.

  • Photo credit: John Roman Images / Shutterstock.com

    Verizon plans FirstNet rival

    Verizon says it will carve a dedicated network out of its extensive national 4G LTE network for first responders, in competition with FirstNet.

  • AI concept art

    Can AI tools replace feds?

    The Heritage Foundation is recommending that hundreds of thousands of federal jobs be replaced by automation as part of a larger government reorganization strategy.

  • DOD Common Access Cards

    DOD pushes toward CAC replacement

    Defense officials hope the Common Access Card's days are numbered as they continue to test new identity management solutions.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group