Volunteer
01-03-2017, 10:40
Sirs,
I believe this is worth being aware of if you hadn't already been aware by other means.
V/R, Volunteer
http://www.theregister.co.uk/2017/01/03/top_secret_cleared_socom_staff_in_11gb_govt_contra ctor_breach/
Dismissed hacker calls US Govt buddy to nix exposed database
3 Jan 2017 at 00:01, Darren Pauli
A Pentagon subcontractor has exposed the names, locations, Social Security Numbers, and salaries of Military Special Operations Command (SOCOM) healthcare professionals.
The cleartext and openly accessible database – said to be at least 11 gigabytes in size – also included names and locations of at least two Special Forces analysts with Top Secret government clearance.
It exposed pay scales, living quarters, and residences of psychologists and other SOCOM healthcare workers.
MacKeeper researcher Chris Vickery found the breach, reporting it to Potomac Healthcare Solutions.
He says the company has fixed the exposure, but did not initially appear to take his disclosure seriously.
"It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac," Vickery says.
"I do know that when I called one of the company’s CEOs to report the exposure, he did not seem to take me seriously.
"It shouldn’t take over an hour to contact your IT guy and kill an rsync daemon."
.
The files were taken down 30 minutes after Vickery called a US Government department contact informing them of the exposure at Protomac Healthcare Solutions.
"It’s not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information," he says.
"Let’s hope that I was the only outsider to come across this gem."
The breach also included financial and accounting information on Protomac Healthcare Solutions.
I believe this is worth being aware of if you hadn't already been aware by other means.
V/R, Volunteer
http://www.theregister.co.uk/2017/01/03/top_secret_cleared_socom_staff_in_11gb_govt_contra ctor_breach/
Dismissed hacker calls US Govt buddy to nix exposed database
3 Jan 2017 at 00:01, Darren Pauli
A Pentagon subcontractor has exposed the names, locations, Social Security Numbers, and salaries of Military Special Operations Command (SOCOM) healthcare professionals.
The cleartext and openly accessible database – said to be at least 11 gigabytes in size – also included names and locations of at least two Special Forces analysts with Top Secret government clearance.
It exposed pay scales, living quarters, and residences of psychologists and other SOCOM healthcare workers.
MacKeeper researcher Chris Vickery found the breach, reporting it to Potomac Healthcare Solutions.
He says the company has fixed the exposure, but did not initially appear to take his disclosure seriously.
"It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac," Vickery says.
"I do know that when I called one of the company’s CEOs to report the exposure, he did not seem to take me seriously.
"It shouldn’t take over an hour to contact your IT guy and kill an rsync daemon."
.
The files were taken down 30 minutes after Vickery called a US Government department contact informing them of the exposure at Protomac Healthcare Solutions.
"It’s not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information," he says.
"Let’s hope that I was the only outsider to come across this gem."
The breach also included financial and accounting information on Protomac Healthcare Solutions.