United States Navy (Navy-SWM)

In June 2012, the United States Navy’s Standard Integrated Personnel System (Navy-SWM) was breached via a SQL injection attack by hackers from TeamDigi7al (Nicholas Paul Knight and Daniel Trenton Krueger). The attackers, motivated by boredom and political inclination, exfiltrated confidential records of ~220,000 Navy service members, including those deployed overseas. While Social Security numbers were redacted, the leaked data was posted online, and the hackers boasted about it on Twitter.

The breach forced the permanent shutdown of Navy-SWM, disrupting logistical support for over 700 deployed personnel for 10+ weeks. The Navy incurred financial losses of ~$514,000, and the operational outage severely hampered personnel transfers. The incident exposed systemic vulnerabilities in the Navy’s cybersecurity posture, though post-incident mitigation measures remain undisclosed.

Source: https://cdn.theatlantic.com/assets/media/img/posts/050514_Knight.pdf

TPRM report: https://www.rankiteo.com/company/united-states-department-of-the-navy

"id": "uni851092125",
"linkid": "united-states-department-of-the-navy",
"type": "Cyber Attack",
"date": "6/2012",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': '220,000 service members (data '
                                              'breach); 700+ deployed '
                                              'personnel (operational impact)',
                        'industry': 'Defense',
                        'location': 'USA',
                        'name': 'United States Navy',
                        'type': 'Government/Military'}],
 'attack_vector': 'SQL injection',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '220,000',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (PII, military personnel data)',
                 'type_of_data_compromised': ['personnel records',
                                              'transfer logistics data']},
 'date_detected': '2012-06',
 'description': 'In June 2012, the United States Navy was targeted by a '
                'hacking attack using SQL injection. The attackers, '
                'TeamDigi7al (Nicholas Paul Knight and Daniel Trenton '
                'Krueger), exploited the Navy-SWM database, stealing '
                'confidential information of ~220,000 service members. The '
                'data, with redacted SSNs, was posted online, and the '
                'attackers boasted about it on Twitter. The Navy-SWM system '
                'was permanently shut down, disrupting logistical support for '
                'over 700 deployed service members for 10+ weeks. The Navy '
                'incurred a financial loss of ~$514,000. The attackers cited '
                "boredom, political inclination, and 'fun' as motivations.",
 'impact': {'brand_reputation_impact': 'Public embarrassment due to Twitter '
                                       'boasting and data leak; loss of trust '
                                       "in Navy's cybersecurity",
            'data_compromised': {'details': 'Social Security Numbers (redacted '
                                            'in public release)',
                                 'records': '220,000',
                                 'type': ['confidential personnel records']},
            'downtime': {'affected_services': ['logistical support for '
                                               'transfers'],
                         'affected_users': '700+ deployed service members',
                         'duration': '>10 weeks'},
            'financial_loss': '$514,000',
            'identity_theft_risk': 'High (despite SSN redaction, other PII '
                                   'likely exposed)',
            'operational_impact': 'Permanent shutdown of Navy-SWM system; '
                                  'disrupted transfers and logistical support '
                                  'for deployed personnel',
            'systems_affected': ['Navy-SWM (Navy Standard Integrated Personnel '
                                 'System)']},
 'initial_access_broker': {'entry_point': 'SQL injection vulnerability in '
                                          'Navy-SWM database',
                           'high_value_targets': ['personnel records',
                                                  'transfer logistics data']},
 'investigation_status': "Unclear; no public details on Navy's internal "
                         'investigation or legal actions against perpetrators',
 'motivation': ['boredom', 'political inclination', 'fun', 'bragging rights'],
 'post_incident_analysis': {'root_causes': ['Poor input validation in Navy-SWM '
                                            'database',
                                            'Lack of SQL injection protections',
                                            'Insufficient monitoring for '
                                            'unauthorized access']},
 'references': [{'source': 'Publicly reported incident (2012)'}],
 'threat_actor': ['TeamDigi7al',
                  'Nicholas Paul Knight',
                  'Daniel Trenton Krueger'],
 'title': '2012 U.S. Navy SQL Injection Attack by TeamDigi7al',
 'type': ['data breach', 'unauthorized access', 'SQL injection'],
 'vulnerability_exploited': 'SQL injection vulnerability in Navy-SWM database'}