Hackers infiltrated the Pentagon food court's computer system, compromising the bank data of an unknown number of employees.
Lt. Col. Tom Crosson, a Defense Department spokesman, said on Tuesday that employees were notified that hackers may have stolen bank account information from people who paid for concessions at the Pentagon with a credit or debit card.
"Within the past week, the Pentagon Force Protection Agency has received numerous reports of fraudulent use of credit cards belonging to Pentagon personnel. These individuals had fraudulent charges to their account soon after they had legitimate transactions at the Pentagon," according to a copy of the notice to employees obtained by the Washington Examiner.
Crosson was unable to say how many people have been affected or over what time period, saying the Pentagon Force Protection Agency is investigating.
The investigation is still looking into which of the Pentagon's multiple food courts were affected, Crosson said.
Investigators are asking employees to email firstname.lastname@example.org if they receive a fraudulent charge on their credit card within the last 120 days and within 48 hours of making a purchase at the Pentagon.
Another, more significant Pentagon network was recently taken offline due to cyber attacks. The Joint Chiefs' unclassified email system was hacked this summer in a sophisticated attack characteristic of a state actor, likely Russia. It remained offline for weeks as employees worked to patch holes and ensure the network was secure.
Officials emphasized that as an unclassified email server, no war planning or other strategic communications took place on that server.