Documents of US Air Force were left on an unsecured backup drive and they are exposing highly sensitive personnel information files on over 4,000 senior and high-ranking officers.
According to the security researchers at Mackeeper, the gigabytes of files are accessible to anyone because there is not even a password to protect the drive.
This information varies from names and address of 4000 officers, and with their ranks to even their Social Security numbers.
Another file is found on this same drive and it lists the security clearance levels of many officers, possibly hundreds, even people with “top secret” clearance, this potentially makes them targets for many people who are trying to get their hands on such details.
Other spreadsheets contained contact information of staff and their spouses, along with private personal information and sensitive data.
The Mackeeper report indicates that the drive belongs to a lieutenant colonel whose name was not mentioned due to security reasons. Security researcher Bob Dianchenko notified that the owner of the situation and the data was secured.
The most shocking document was a spreadsheet of this open investigations which has included the rank, name, location and a detailed description of all the accusations. While many of these accusations were of discrimination, there are also some sexual harassment claims and even more serious.
“One example is an investigation into a Major General who is accused of accepting $50k a year from a sports commission that was supposedly funnelled into the National Guard. There were many other details from investigations that neither the Air Force or those being investigated would want publically leaked,” the report reads.
Another file has the Defense Information System instructions for encryption of key recovery, which is step-by-step on how to regain the access to an encrypted key, complete with all URLs where someone can request the information regarding the Common Access Card and the Public Key Infrastructure.