Being the biggest weapon arsenal in the modern world today, even the USAF affected to massive data leak. Later here an unnamed lieutenant colonel’s misconfigured backup drive is the alleged cause of this massive data leak. This leak exposed the private personal details of over 4000 US Air Force Officers.
The leak exposed thousands of US Air Force documents with sensitive information, such as passport numbers and social security numbers. These private details are of senior and high-ranking officials and celebrities.
How Did This Happen?
The file crate was reportedly stored in an unsecured internet connected backup drive, which was accessible to anyone as it was not password protected. The belonged to a lieutenant colonel. The data was secured last week after a security researcher at MacKeeper reported the leak.
Who Discovered It?
With the latest leak, thousands of US Air Force documents were made vulnerable. The entire data is equivalent to several gigabytes. However, with the security assessment by MacKeeper, the drive was immediately secured.
What MacKeeper Reserachers discovered was much more that just passport numbers or the social security numbers. The data also contained ‘Personnel by Eligibility and Access Reports’ , ranks and names of hundreds of service members.
To What Extent Did The Latest Data Leak Reveal?
The leaked data also contained scanned images of Department of Defence’s Joint Personnel Adjudication System (JPAS) account of the Lieutenant. The images contained login credentials which would rather help in accessing the account.
The leaked data – open investigations spreadsheet includes important data of cases such as name, rank, accusations, location of the accused.
This particular file serves as a guide on gaining access to an encryption key where the images containing URLs requests for information about Public Key Infrastructure (PKI) and Common Access Card (CAC) could be easily created.
The drive also contained completed applications (SF86) for renewed national security clearances for two U.S. four-star generals who recently had top U.S. military and NATO roles. The applications include extremely private information, including financial and mental health history, past convictions, relationships with foreign nationals, and other personal information which is weighed to determine a candidate’s eligibility to obtain classified material.
The material in SF86 applications are not classified but could alter the risk of identify theft or financial fraud that could affect the individual’s.
Although the drive is secured now, but it is still important to identify who else has accessed the files publicly.
Let us know what you guys feel about the latest incident in the comments below!