This post originally and mistakenly referred to the GSA vulnerability as a "breach." The agency says that the vulnerability was not the result of a hack or breach. Here is the GSA's statement on the matter:
"Recently, U.S. GSA officials identified a security vulnerability in the System for Award Management (SAM), which could allow some existing users in the system to access certain registration information of other entities. Immediately after the vulnerability was identified, GSA implemented a software patch to addresses the immediate vulnerability. GSA is undertaking a full review of the system to investigate and address any additional impacts to registrants in SAM. The security of this information is a top priority for this agency and we will continue to ensure the system remains secure."