Booz Allen Hamilton on Tuesday confirmed that its network was hacked but suggested the break-in was more limited than attackers have described.
On Monday, the Anonymous hacking group said it broke into Booz Allen's network and stole 90,000 military email addresses and passwords, which it posted online. Booz Allen wouldn't confirm the attack at the time, saying that as part of its security policy it generally doesn't comment on specific threats.
[ Also on InfoWorld: Anonymous eyes political role, but won't go legit. | Learn how to greatly reduce the threat of malicious attacks with InfoWorld's Insider Threat Deep Dive PDF special report. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
It now says that given the publicity about the event, it has decided to share its understanding of what happened.
It confirmed the attack and said it was conducting a review of the nature and extent of the incident. "At this time, we do not believe that the attack extended beyond data pertaining to a learning management system for a government agency," it said in a statement.
The Anonymous hacker group has promised two major data dumps this week. Speculation is rampant about who might be the target of the second attack.
Anonymous and another recently disbanded hacking group, LulzSec, have been attacking government and law enforcement targets as part of a campaign they call "AntiSec." They have broken into systems of the Arizona police, Turkish government websites, the U.S. Central Intelligence Agency and the U.K.'s Serious Organized Crime Agency.