A US government subcontractor working for the Pentagon has leaked personal data of some of the country’s high-ranking military officials.
Insufficient security in computer networks belonging to the Potomac Healthcare Solutions, which provides healthcare services to government and military organizations, was the source of the leak, ZDNet reported Saturday.
The leaked data included Social Security numbers to the assigned posts of important US military figures with the highest levels of security clearance, the report added.
Names, contract types, and duty start dates – dating back to 1998—were other confidential data available for everybody to see.
The major leak was first discovered by Chris Vickery, a lead security researcher of the MacKeeper Security Center.
According to samples provided by Vickery, most of the military personnel involved in the leak were members of the US Special Operations Command (SOCOM).
The victims included current and former forces of various US military branches such as the Army, Navy, and Air Force. Some of the personnel were on active deployment.
Other bits of the leaked data included personnel files from SOCOM's Preservation of the Force and Families (POTFF) program, which aims to reduce the psychological and physical burdens the job puts on military personnel and their families.
Aside from military personnel, the social workers, physical therapists, nurses and assistants, doctors, and psychologists who worked with them also fell victim to the leak.
“It's not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information. Let's hope that I was the only outsider to come across this gem. Let's really hope that no hostile entities found it,” Vickery said.
“Loose backups sink ships,” he added, underscoring the seriousness of the leak and its possible consequences.
Interestingly, Potomac Healthcare Solutions has close ties with Booz Allen Hamilton, which made headlines in 2013 when Edward Snowden, one of its former employees, disclosed classified mass surveillance programs by American spy agencies.