A Texas Air Force base has disclosed some 33,000 officers may have had their personal data accessed.
Another day, another security breach story comes out of the wild blue yonder. This time the focus is on the Air Force Personnel Center at Randolph AFB in Texas. An Air Force spokesman said in a statement the Assignment Management System was accessed by a “malicious user.” That affected mostly officers.
Users of the Air Force system can login to see if their information, which would include assignments, Social Security numbers, and birth dates, has been accessed. A popup notification will give those affected more information.
From the statement, it appears a single compromised user account was the gateway for the illicit access. In June, the base notified Air Force and federal investigators of unusual traffic levels from that account. It is not yet known how long the activity took place, or when it was shut down.
“We notified the individuals involved, outlining what happened and how they can best insulate themselves from this potential risk,” said Maj. Gen. Anthony F. Przybyslawski, AFPC commander, in the statement. “We’ve taken steps to increase our system security. We’re working with all Air Force agencies to identify vulnerabilities.”
Details of the investigation have not been released yet. Use of a single account to gather that information tends to indicate either a stolen username/password combination, or a brute force attack that uncovered a weak login. Any computer user should take care not to leave passwords laying around, nor to use passwords that can be easily guessed.
David Utter is a staff writer for Murdok covering technology and business. Email him here.
