Tag Archives: Top Secret

Breach Brief – U.S. Government, TimeWarner Cable, Instagram

U.S. Government

The personal information of thousands of U.S. citizens and employees holding security clearances up to Top Secret has been compromised.

The security breach was revealed by Chris Vickery, director of cyber risk research firm UpGuard. Vickery found over 9,000 job application files on an unsecured Amazon Web Services S3 storage server that required no password to access.

The data included details about the past duties and responsibilities of thousands of federal employees. It is unclear if these people continue to work for the government, the U.S. Department of Defense and other agencies in the U.S. intelligence community.

Even so, the information is extremely sensitive, including personal information such as Social Security numbers, driver’s license and passport numbers, home addresses and other contact details. A leak of this magnitude represents a significant security failure that comes after a major government Office of Personnel Management (OPM) data breach in 2015.

TigerSwan, a US-based private security firm, has pointed the finger of blame at TalentPen, a third-party vendor contracted by the company to process new job applicants.

In a statement, TigerSwan said, “We learned that our former recruiting vendor TalentPen used a bucket site on Amazon Web Services for the transfer of resumes to our secure server but never deleted them after our login credentials expired. Since we did not control or have access to this site, we were not aware that these documents were still on the web, much less, were publicly facing.”

Among the hundreds of exposed files UpGuard discovered were the resumes of people with Top Secret U.S. security clearances; other documents revealed details about Iraqi and Afghan nationals who cooperated with U.S. forces. Some of those exposed by this data breach were involved in highly classified military operations. To add insult to injury, UpGuard stated that the highly sensitive information remained exposed even after it notified TigerSwan about the leak.

TimeWarner Cable

Spectrum Communications, owner of TimeWarner Cable, announced a data breach affecting the records of 4 million former customers. TimeWarner Cable (TWC) customers’ data were left unsecured on a cloud server last month. TWC said there is no evidence of illegal activity on its former customers’ accounts. The company did, however, urge subscribers using the MyTWC app to change their user names and passwords as a precaution.

TimeWarner Cable provides cable television service to major metropolitan areas including New York, Boston, Chicago, St. Louis and major parts of the Carolinas, and throughout the country.

The breach was uncovered by a third-party firm attempting to resolve a data breach at another company. According to reports, BroadSoft, a TWC partner and global communications provider, may have accidentally configured an Amazon Web Services server to allow public access.

According to Bob Diachenko, chief communications officer at security vendor Kromtech, the error exposed over 600GB of sensitive data to the public internet.

“It is most likely that they were forgotten by engineers and never closed the public configuration. This would allow anyone with an Internet connection to access extremely sensitive documents,” he said.

Instagram

A hack originally intended to target celebrities has instead impacted over six million Instagram user accounts.
Instagram sent out warnings of the hack after singer Selena Gomez appeared to be one of the first celebrities compromised. Hackers used a bug in the application programming interface (API) to access phone numbers and email addresses.

The news of the hack came after Instagram assured its users on August 30th that only celebrity accounts were targeted.

Instagram CTO Mike Krieger released a statement acknowledging the scale of the breach: “We care deeply about the safety and security of the Instagram community, so we want to let you know that we recently discovered a bug on Instagram that could be used to access some people’s email address and phone number even if they were not public.”

Originally, Instagram stated that only a “low percentage” of accounts were affected but quickly backtracked when hackers refuted the information. Instagram, which is owned by Facebook, then advised users how to protect themselves from such an attack. “Additionally, we’re encouraging you to report any unusual activity through our reporting tools,” Instagram said.

Some reports indicate that the compromised accounts include that of President Donald Trump. That account is operated by the White House social media team.

Breach Brief – U.S. Military Special Ops Healthcare

U.S. military healthcare professionals working with the Defense Department may have had highly sensitive personal information exposed by an employer IT error. Some of these personnel have top secret security clearances.

Chris Vickery of MacKeeper found 11GB of exposed files, including the names, locations, Social Security numbers, salaries, and assigned units for scores of healthcare professionals working at the U.S. military’s Special Operations Command (SOCOM).

Many of the personnel files exposed in the data breach belong to SOCOM’s Preservation of the Force and Families (POTFF) program. The program is designed to have unit-specific healthcare professionals and counselors working to ease the psychological and physical strains that affect military special ops troops and their families.

Vickery pointed out the exposed data and the sloppiness of the government contractor known as Potomac Healthcare. The company is owned by Booz Allen Hamilton. In his blog post, Vickery claimed to have had to contact the company twice before any action was taken to remove the information.

“It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac. I do know that when I called one of the company’s CEOs this past Thursday to report the exposure, he did not seem to take me seriously,” said Vickery.

Booz Allen Hamilton employed the now-infamous Edward Snowden, who leaked documents to the press in 2013, revealing the extent of US government spying.

U.S. Government Personnel System Hacked

U.S. Department of Homeland Security officials confirmed Thursday that the Office of Personnel Management computer systems may have been hacked. The Office of Personnel Management essentially functions as the federal government’s human-resources agency.

DHS officials told The Washington Post that the department’s National Cybersecurity and Communications Integration Center was alerted to a “potential intrusion” of the network. The agency has been working with OPM and other agencies to assess and mitigate risks. The official said the agencies have not yet found “any loss of personally identifiable information.”

The story was first reported by the New York Times last Wednesday. The report indicated that Chinese hackers penetrated OPM’s database containing files on all federal employees. The Times reported that the break-in actually occurred in March of this year and specifically targeted employees who had applied for Top Secret security clearances. The number of targeted files easily topped the tens of thousands.

Officials reported that the hackers gained access to some of OPM’s databases before the federal authorities detected and blocked the threat to the network. It is still not clear how successful the hackers were in penetrating the agency’s systems. The network contained data in which applicants for security clearances list their foreign contacts, previous jobs and personal information like past drug use.

A senior Department of Homeland Security official acknowledged that the attack had occurred but stated “at this time,” neither the personnel agency nor Homeland Security had “identified any loss of personally identifiable information.” According to an official, an emergency response team was assigned “to assess and mitigate any risks identified.”

Another senior American official acknowledged that the attack was traced to China; however, it was not immediately clear that the hackers were part of the Chinese government.

Breaking it Down

African-Americans make up 17.7% of the federal workforce, which means that we are well represented in the files of the Office of Personnel Management. And to hear that not even the government’s personnel records are secure from hackers means we have to look harder at our security measures.

Let me explain something to you. I applied for a Top Secret security clearance years ago. Some of the information I had to reveal was pretty sensitive. Not only that, but I had to provide the names, addresses and dates of birth for many people in my life. I had to answer questions about money, sex and drugs. It’s a pretty intrusive process. If those hackers were Chinese, then they were shooting for the big prize by attacking that database. If they were not, then we as a country are in deep, deep trouble because now we are at the mercy of common criminals who may be able to access government systems at will.

Our government has reported that they detected the intrusion and stopped it, but they don’t know what information, if any, identifiable to a person was taken.

As a nation we need to demand greater security for our information, and that starts at the top, with the U.S. government. No system is completely un-hackable. But we need to demand that our networks, private and public, be the most secure systems possible. We need to change the culture and fight hacking like we fought drugs. Too many people think hacking is a game and that all systems are free game. We need to make sure that hackers spend time in prison. Make hacking a crime with even more serious repercussions.

But let’s look at another topic we need to address. Hasn’t our government, with its vast resources and intelligence capabilities, hacked into the computers of other nations? Have we not taken information about their people, their defenses and their secrets? So… what’s fair is fair?