Air Force Personnel Data Leaked
Posted by: Timothy Weaver on 03/15/2017 12:43 PM
[
Comments
]
MacKeeper Security discovered that a United States Air Force officer mistakenly leaked the personal information of many service members as well as records of ongoing criminal cases and instructions for recovering encryption keys for military documents.
The leaked data included the names, rank and Social Security numbers of service members. It also included documents related to criminal investigations that range from sexual harassment to a major general who allegedly accepted $50,000 a year from a sports commission. The data also included the PII of those being investigated.
“This is a serious data leak, which allows nation states to target high-value military personnel for additional attacks and surveillance. If that weren't bad enough, this highly detailed data could potentially be combined with stolen personal data from other data breaches already available on the dark web to create rich profiles of these individuals,” said Robert Capps, VP of business development for NuData Security.
Also contained in the leak was a file containing Defense Information Systems instructions for encryption key recovery. This could allow a hacker all the information needed to request a Common Access Card and Public Key Infrastructure.
“Regardless of the leak point, there is a simple “silver bullet” that secures data, its encryption. Modern encryption solutions are not only widely available for all types of end-point devices they're also inexpensive,” commented David Vergara, VASCO Data Security's head of global product marketing.
Source: SCMagazine
The leaked data included the names, rank and Social Security numbers of service members. It also included documents related to criminal investigations that range from sexual harassment to a major general who allegedly accepted $50,000 a year from a sports commission. The data also included the PII of those being investigated.“This is a serious data leak, which allows nation states to target high-value military personnel for additional attacks and surveillance. If that weren't bad enough, this highly detailed data could potentially be combined with stolen personal data from other data breaches already available on the dark web to create rich profiles of these individuals,” said Robert Capps, VP of business development for NuData Security.
Also contained in the leak was a file containing Defense Information Systems instructions for encryption key recovery. This could allow a hacker all the information needed to request a Common Access Card and Public Key Infrastructure.
“Regardless of the leak point, there is a simple “silver bullet” that secures data, its encryption. Modern encryption solutions are not only widely available for all types of end-point devices they're also inexpensive,” commented David Vergara, VASCO Data Security's head of global product marketing.
Source: SCMagazine
Comments
