back to article US Army loses 16,000 personnel records in South Korea

Sensitive information of more than 16,000 US Army personnel stationed in South Korea, plus data on local employees and job applicants, appears to have been compromised after databases loaded with names, identification numbers and addresses were accessed by unauthorised and unknown parties. Specific details of how the 28 May …

COMMENTS

This topic is closed for new posts.
  1. frank ly

    "...banking details and classified data was not compromised."

    Maybe they should have stored the other data to the same level of security/isolation? Maybe that would be too inconvenient?

    There must be a way of allowing a civilian/admin worker to generate an enquiry about my job application and print out an envelope addressed to me without allowing them to do a data dump of everybody else on the system.

    1. Anonymous Coward
      Anonymous Coward

      Lots of things get misplaced

      In the military lots of things get misplaced, weapons, personnel, ships, aircraft.

      It will just be a simple admin error, the 16,000 personnel are still there. Probably some desk bound senior rank that pressed the wrong button thinking he could start WW3 before he retired.

  2. Arachnoid

    Sounds like a single machine was compromised

    Which to me at least, suggests local access or compromise issues that could well return.

  3. Anonymous Coward
    Anonymous Coward

    Send in Reacher.

    1. Anonymous Coward
      Anonymous Coward

      Reach for the sender.

  4. Anonymous Coward
    Anonymous Coward

    Send for the retch

  5. mrobaer
    FAIL

    No Surprise

    Having seen first hand some of the network infrastructure over there, I am not surprised this has happened. I am actually curious as to how many times it probably has happened before and never noticed!

    I did some really dumb things in my past, quite a few of them in South Korea while serving in the US Army. One of them, was being a script kiddie¹. I got busted by the National Police Agency of S. Korea. Even after this, the US Army was foolish in allowing me local access to protected computer systems. To make it even more interesting, I also was able to obtain employment stateside at Citibank in their Fraud Early Warning department. They trusted me with quite a lot of information and access, knowing what had happened in S. Korea, and locally².

    1) http://www.theregister.co.uk/2001/05/08/us_airman_charged_in_korean/ (That was me)

    2) http://www.justice.gov/usao/pae/News/2007/jul/baer.html (Me again...)

    As long as folks let dummies like I used to be slip into their network, problems like this will continue.

    1. Trevor_Pott Gold badge

      Re: No Surprise

      I this the better question is how many of us haven't worn a hat that is other than white. My youth was spent as one of the few technologically savvy fellows in my city during the 80s and 90s. There were hijinks.

      But you grow up. You realize that while blackhatting may be fun, exhilarating and a boost to the ego, it's also a very real risk. As you get older you get a wife, possibly kids, pets, a mortgage; there are people that depend on you and they could be in a bad way if you were to end up in jail.

      I think that's natural. I think that pure white hats are exceptionally rare...but that most companies (and even governments) don't require them. The lighter shade of grey is just fine, even if the only "black" in your hat is tacitly ignoring the "dark deeds" done by your contacts (and friends) amongst the information systems penetration community.

      Those who never had the bug, who never had the curiosity to know how things work...they'll never understand. It is the curiosity which drives; "how is that designed" and "can I get around it?" It can make one into a notorious hacker, or a brilliant engineer.

      The difference between one and the other is having learned enough life lessons to channel the curiosity into something beneficial...most of the time, at least.

  6. Tank boy
    Childcatcher

    Business as usual

    This has happened before, it will happen again. The US Army is infatuated with being connected with the internet, but sadly uses some of the worst security software, Don't get me started on the protocols they have in place, you'd just laugh.

  7. Anonymous Coward
    Go

    Army loses 16,000 personnel records in Korea?

    We're OK as long as they can find Tuttle.

This topic is closed for new posts.

Other stories you might like