HackDig : Dig high-quality web security articles for hacker

11GB archive of Top Secret US SOCOM data accidentally leaked

2017-01-05 05:05

The popular security expert Chris Vickery discovered a 11GB archive of Top Secret US SOCOM data that was accidentally leaked.

A subcontractor of the Pentagon has exposed top-secret information of the US Military Special Operations Command (SOCOM) medics.

Exposed records include names, locations, Social Security Numbers, and salaries of the Military SOCOM personnel, the database also included names and locations of at least two analysts of Special Forces. Analysts data have Top Secret government clearance.

The precious archive was accessible on the web and data stored in without encryption, a 11-gigabytes gift to nosy people.

The database was discovered by the popular researcher Chris Vickery, the same expert that discovered several open MongoDB exposed on the Internet.

“A recent data breach discovery of mine contained the names, locations, Social Security Numbers, salaries, and assigned units for scores of psychologists, and other healthcare professionals, deployed within the US Military’s Special Operations Command (SOCOM). Not a single username or password was guarding this intel, which weighed in at over 11 gigs.” reads a blog post published by Vickery. 

Vickery discovered the precious archive and reported it to Potomac Healthcare Solutions, the company that provides healthcare workers to the US Government through Booz Allen Hamilton.

The archive includes also pay scales and residency of psychologists and employees at SOCOM.

Experts at Potomac Healthcare Solutions promptly fixed the issue, even if they initially did not seem to take the claim seriously.

“It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac,” added Vickery.

“It shouldn’t take over an hour to contact your IT guy and kill an rsync daemon.”

The exposed data in the wrong hand could allow attacks to conduct a wide range of malicious activities, from kidnapping to scams.

“It’s not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information,” he says.

“Let’s hope that I was the only outsider to come across this gem.”

In December 2015 the security expert Chris Vickery discovered 191 million records belonging to US voters online, in April 2016 he also discovered a 132 GB MongoDB database open online and containing 93.4 million Mexican voter records.In March 2016, Chris Vickery has discovered online the database of the Kinoptic iOS app, which was abandoned by developers, with details of over 198,000 users.

Pierluigi Paganini

(Security Affairs – database, SOCOM)

The post 11GB archive of Top Secret US SOCOM data accidentally leaked appeared first on Security Affairs.


Source: lmth.kael-mocos/hcaerb-atad/25055/sserpdrow/oc.sriaffaytiruces

Read:2421 | Comments:0 | Tags:Breaking News Data Breach Cybercrime databases Hacking Mongo

“11GB archive of Top Secret US SOCOM data accidentally leaked”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud