Cyber Incident Victim: Deltek
Date:
Mar 2014
Location:
United States of America
Summary
A cyberattack exploiting a vulnerability in Deltek's GovWin IQ system compromised usernames, passwords, and payment card data, impacting approximately 80,000 customers—including 25,000 with exposed financial details. The company addressed the security flaw, engaged law enforcement and cybersecurity experts for investigation and remediation, implemented enhanced protections like mandatory password rotations, notified affected individuals, and offered credit monitoring to those with payment card exposure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 13, 2014, Deltek discovered that an attacker had exploited a vulnerability in its GovWin IQ system, a platform operated by the Virginia-based enterprise software and information solutions provider. The unauthorized access resulted in the compromise of credentials belonging to approximately 80,000 customers, including GovWin IQ usernames and passwords. For roughly 25,000 of these individuals, payment card data was also exposed to the attacker. The breach specifically targeted Deltek’s infrastructure supporting the GovWin IQ service, though the exact technical nature of the exploited vulnerability was not publicly detailed. Deltek confirmed the intrusion occurred prior to the March 13 discovery date but did not specify the duration of unauthorized access or the precise timeframe of the initial attack. The incident directly impacted customers relying on GovWin IQ for business intelligence and government contracting opportunities, exposing them to potential financial fraud and credential misuse risks.
Deltek responded by immediately remediating the security vulnerability believed to have been exploited by the attacker. On the Tuesday evening following the discovery—likely April 8, 2014, given the article’s publication date of April 9—the company implemented security enhancements to the GovWin IQ system. These included a mandatory password change policy requiring updates every 90 days, alongside broader revisions to data security procedures and practices for handling personal information. Deltek engaged law enforcement and retained a cybersecurity firm to investigate the incident and recommend preventive measures. The company notified all affected individuals, with specific offers of credit monitoring services extended to the 25,000 customers whose payment card data was compromised. President and CEO Mike Corkery publicly affirmed the remediation efforts in customer notifications, emphasizing procedural and technical improvements to the platform’s security posture without disclosing further operational specifics about the attack vector or attacker identity.