"Government contractors that handle personal information must take required steps to safeguard that information from cyber attacks," declared Brian M Boynton, principal deputy assistant attorney general and head of the Justice Department's Civil Division.
"We will vigilantly pursue contractors that fail to comply with required cyber security protocols, while at the same time extending cooperation credit where warranted for self-disclosure, cooperation, and remediation."
The primary allegation in the case was that a subcontractor engaged by AFDS, whose servers were used to carry out the electronic task, wasn't compliant with HHS cyber security requirements.
The subcontractor used disk-level encryption for files stored on the server but it was only configured to block access by those using invalid credentials.
Collection
[
|
...
]