US Air Force data leak

An unsecured backup drive is to blame for a massive data leak at the US Air Force. An unsecured backup drive of an unnamed lieutenant colonel was the alleged cause of the leak.

More information: http://www.ibtimes.co.uk/us-air-force-leak-exposes-holy-grail-top-secret-data-including-details-over-4000-officers-1611404

Following this story please see below for comment from Lee Munson, security researcher at Comapritech.com:

“There are a great many things an organisation should be doing to protect its data, all of which boil down to people, process and technology.

“While some aspects within those areas are harder to manage than others, encrypting sensitive data and having an acceptable use policy covering backup drives are not among them.

“This, therefore, begs the question of what a US lieutenant colonel was doing with an unsecured drive full of personal information in the first place.

“Such a leak in the civilian sector would be of serious concern to those compromised, the organisation itself and the appropriate industry regulators.

“Within the US army, such a basic and avoidable mistake is totally unforgivable, especially considering the nature of what it does and the fact that the leaked data is ripe for blackmailing purposes.

“The senior officer responsible will, I suspect, be very fortunate indeed not to appear on the next list of open investigations that find their way onto, what I hope, will be a secured backup drive next time around.”

(68)

Share