navigation-background arrow-down-circle Reply Icon Show More Heart Delete Icon wiki-circle wiki-square wiki arrow-up-circle add-circle add-square add arrow-down arrow-left arrow-right arrow-up calendar-circle chat-bubble-2 chat-bubble check-circle check close contact-us credit-card drag menu email embed facebook-circle snapchat-circle facebook-square facebook faq-circle faq film gear google-circle google-square googleplus history home instagram-circle instagram-square instagram linkedin-circle linkedin-square linkedin load monitor Video Player Play Icon person pinterest-circle pinterest-square pinterest play readlist remove-circle remove-square remove search share share2 sign-out star trailer trash twitter-circle twitter-square twitter youtube-circle youtube-square youtube

Pentagon subcontractor leaks classified personnel data

January 3, 2017 (Photo Credit: Getty Images)
A security researcher at the MacKeeper Security Research Center has revealed a Pentagon subcontractor exposed sensitive U.S. military health care personnel data thanks to an insecure server backup protocol.

MacKeeper’s Chris Vickery determined that at least 11 gigabytes of confidential data — including that of active top-secret security clearance holders — became accessible because of a server misconfiguration by Booz Allen Hamilton subcontractor Potomac Healthcare Solutions, according to a Dec. 31 post by Charlie Osborne on ZDNet’s Zero Day blog.

The leak — primarily of physical and mental health support staff — included names, contract types, Social Security numbers, duty start dates, billet numbers, unit assignments, places of work, pay scales, clearance levels and recruitment notes, among other items. Many of those with data leaked are part of the U.S. Special Operations Command’s Preservation of the Force and Families program.  

The data leaked could be used for identity theft, as well as targeting individuals to be blackmailed and coerced into espionage.

Potomac says it has addressed the leak after being alerted by Vickery, and Booz Allen Hamilton has told ZDNet it is researching the incident.

Potomac Healthcare acknowledged the report and said in a statement: "While our investigation remains ongoing, based on our initial examination, despite these earlier reports, we have no indication that any sensitive government information was compromised. The privacy and security of information remains a top priority, and we will continue to work diligently to address any issues or concerns."

View the entire leak report here.

Next Article