https://sputnikglobe.com/20230222/pentagon-wont-say-if-sensitive-files-it-accidentally-leaked-were-seized-by-rivals-1107682794.html
Pentagon Won’t Say If Sensitive Files It Accidentally Leaked Were Seized by Rivals
Pentagon Won’t Say If Sensitive Files It Accidentally Leaked Were Seized by Rivals
Sputnik International
The Pentagon left huge amounts of sensitive internal records completely unsecured for several weeks, a new report has revealed.
2023-02-22T02:12+0000
2023-02-22T02:12+0000
2023-04-13T12:44+0000
military
hacking
sensitive data
seizure
pentagon
https://cdn1.img.sputnikglobe.com/img/105409/31/1054093124_0:235:2803:1812_1920x0_80_0_0_4cdda312078c6c17bd983ee59e1d318e.jpg
The Pentagon left huge amounts of sensitive internal records completely unsecured for several weeks, a new report has revealed.The unprotected server reportedly contained around three terabytes of internal Department of Defense emails, including those from US Special Operations Command (USSOCOM).The data leak, which is reported to be most likely caused by human error, was patched after a researcher named Anurag Sen gave the outlet the information so it could alert the US government.The exposed data reportedly included SF-86 forms, which contain health and other personal data provided by US government employees seeking clearance to handle classified information. The episode has drawn comparisons to a 2015 incident in which millions of US Office of Personnel Management files were said to be seized by hackers that Western media outlets alleged were linked to the Chinese government.While TechCrunch wrote the data in question didn’t appear to be classified, such files aren’t necessarily labeled that way since they’re on classified networks, which aren’t meant to be publicly accessible from the internet.Despite being informed of the data breach on Sunday morning, the outlet reported USSOCOM failed to patch the leak for over a day — until a senior Pentagon official was contacted.A spokesperson for the secretive special forces group reportedly said Tuesday that the agency opened an investigation into the incident, writing “we can confirm at this point no one hacked US Special Operations Command’s information systems.”But the publicly-available information wouldn’t need to be ‘hacked’ to be acquired by someone else, so it’s unclear whether any of the sensitive data on display might have been obtained by rival intelligence services.When the Department of Defense was asked “if it has the technical ability, such as logs, to detect any evidence of improper access or data exfiltration from the database,” a Pentagon spokesperson reportedly “did not say.”
https://sputnikglobe.com/20230112/jesus-fing-christ-guardian-staffers-melt-down-after-hearing-their-personal-data-was-hacked-1106240982.html
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
2023
News
en_EN
Sputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
https://cdn1.img.sputnikglobe.com/img/105409/31/1054093124_36:0:2767:2048_1920x0_80_0_0_d568a005711684641669e2fd887158ef.jpgSputnik International
feedback@sputniknews.com
+74956456601
MIA „Rossiya Segodnya“
pentagon, sensitive files, leak,
pentagon, sensitive files, leak,
Pentagon Won’t Say If Sensitive Files It Accidentally Leaked Were Seized by Rivals
02:12 GMT 22.02.2023 (Updated: 12:44 GMT 13.04.2023) A US Special Operations Command spokesman claims nothing was “hacked” — but since they left the files wide open, it wouldn’t have had to be.
The Pentagon left huge amounts of sensitive internal records completely unsecured for several weeks, a new
report has revealed.
The unprotected server reportedly contained around three terabytes of internal Department of Defense emails, including those from US Special Operations Command (USSOCOM).
According to TechCrunch, “a misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address.”
The data leak, which is reported to be most likely caused by human error, was patched after a researcher named Anurag Sen gave the outlet the information so it could alert the US government.
The exposed data reportedly included SF-86 forms, which contain health and other personal data provided by US government employees seeking clearance to handle classified information.
The episode has drawn comparisons to a 2015 incident in which millions of US Office of Personnel Management files were said to be seized by hackers that Western media outlets alleged were linked to the Chinese government.
While TechCrunch wrote the data in question didn’t appear to be classified, such files aren’t necessarily labeled that way since they’re on classified networks, which aren’t meant to be publicly accessible from the internet.
12 January 2023, 03:58 GMT
Despite being informed of the data breach on Sunday morning, the outlet reported USSOCOM failed to patch the leak for over a day — until a senior Pentagon official was contacted.
A spokesperson for the secretive special forces group reportedly said Tuesday that the agency opened an investigation into the incident, writing “we can confirm at this point no one hacked US Special Operations Command’s information systems.”
But the publicly-available information wouldn’t need to be ‘hacked’ to be acquired by someone else, so it’s unclear whether any of the sensitive data on display might have been obtained by rival intelligence services.
When the Department of Defense was asked “if it has the technical ability, such as logs, to detect any evidence of improper access or data exfiltration from the database,” a Pentagon spokesperson reportedly “did not say.”