In a breach disclosure notification submitted to the Maryland attorney general's office on Jan. 20 (PDF), SRA revealed that it has launched an investigation into the virus. The company is "swiftly implementing mitigation and remediation actions to eradicate the virus," the notification says.
This is the second time that SRA has suffered a publicly disclosed security breach. In July 2007, the Associated Press reported that it was able to pull sensitive documents directly from SRA's anonymous FTP server, enabling reporters to gain access to military networks. The servers were subsequently pulled down and replaced with more secure servers, according to news reports.
SRA has not disclosed details on what the virus looks like or how it might have gotten onto the SRA network. The company did say that the malicious software may have allowed hackers to get access to data maintained by SRA, including "employee names, addresses, Social Security numbers, dates of birth, and health care provider information."
The virus was apparently not detected by the company's antivirus software, according to the notification letter. SRA says it is working with its antivirus vendor to add the ability to detect the malware. The company also says it believes that other companies may have been hit by the same problem.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message