The breach occurred sometime between July 3,2013 and November 2,2013. However, the company came to know about the breach only on March 13,2014.
The hacker exploited a security vulnerability in the GovWin IQ System and managed to access customers’ data. The information accessed by hackers includes Names, billing addresses, phone numbe,s. and business email IDs.
According to Federal News radio report, the hackers also had access to credit card information of about 25,000 of those affected customers. Those who had card information compromised are being offered free credit monitoring services.
The company says it is cooperating with law enforcement on this case. They have also hired a cyber security forensic firm. They also claimed to have arrested the hacker believed to behind the breach.