{"id":70,"date":"2005-08-24T22:03:28","date_gmt":"2005-08-24T22:03:28","guid":{"rendered":"\/?p=70"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T04:00:00","slug":"hacker-taps-into-us-military-database","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=70","title":{"rendered":"Hacker taps into US military database"},"content":{"rendered":"<p><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>If you want proof that protecting personal information is a hard thing and that <a href=\"https:\/\/www.identityblog.com\/2005\/08\/19.html#a310\" class=\"broken_link\">Data Rejection<\/a> is a key technology, read <a href=\"http:\/\/www.washingtonpost.com\/wp-dyn\/content\/article\/2005\/08\/22\/AR2005082201259.html\" class=\"broken_link\">this report<\/a> from the Washington Post:<\/font><\/p>\n<blockquote dir=ltr style=\"MARGIN-RIGHT: 0px\">\n<p><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>A suspected hacker tapped into a US military database containing social security numbers and other personal information for 33,000 Air Force officers and some enlisted staff.<\/p>\n<p>That figure represents about half of the officers in the USAF but no identity theft had been reported as of early today, said Tech Sgt James Brabenec, a spokesman at Randolph Air Force Base in Texas.<\/p>\n<p>&#147;We are doing everything we can to catch and prosecute those responsible,&#148; Maj Gen Tony Przybyslawski said.<\/p>\n<p>Social security numbers, birth dates and other information was accessed some time in May or June, apparently by someone with the password to the air force computer system, Brabenec said.<\/p>\n<p>On Friday, the people affected were notified of steps they could take to protect their identity, he said.<\/p>\n<p>The military, while protecting classified information, has had trouble protecting data about its people, a computer expert told The Washington Post, which first reported the incident.<\/p>\n<p>&#147;They have historically done much better at protecting operational systems than at protecting administrative systems,&#148; said John Pike, director of GlobalSecurity.org.<\/p>\n<p><\/font><\/p>\n<\/blockquote>\n<p dir=ltr><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>In my view this is an excellent example of how even organizations well aware of security issues tend to excel at their core competencies &#8211; and proper handling of personal information is likely not the key driver in their approach to information, system desgin and operations.<\/font><\/p>\n<p dir=ltr><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>This is why we can expect that those who specialize in and build their reputations by protecting personal identifying information are likely to do the best job at it.  <\/font><\/p>\n<p dir=ltr><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>A technology that allows relying parties to &#8220;request and then forget&#8221; personal information &#8211; this on a &#8220;need to know&#8221; basis and only when explicitly permitted by the user &#8211; is in my view the only sensible path forward.  All information that is retained, for example for auditing purposes, should be encrypted under keys limited to the authorized off-line usage of appropriate personnel.<\/font><\/p>\n<p dir=ltr><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=2>I like the use of &#8220;suspected hacker&#8221; in the article.  Maybe it wasn&#39;t really a hacker who broke in &#8211; just someone who accidently ended up on the site, and traipsed on the social security numbers through sheer bad luck.<\/p>\n<p><\/font><\/p>\n<p align=right><font color=darkblue size=2>[tags: <a href=\"http:\/\/technorati.com\/tags\/identity\" rel=\"tag\" class=\"broken_link\">Identity<\/a>, <a href=\"http:\/\/technorati.com\/tags\/identityloss\" rel=\"tag\" class=\"broken_link\">Identity Loss<\/a>, <a href=\"http:\/\/technorati.com\/tags\/identitytheft\" rel=\"tag\" class=\"broken_link\">Identity Theft<\/a>, <a href=\"http:\/\/technorati.com\/tags\/datarejection\" rel=\"tag\" class=\"broken_link\">Data Rejection<\/a>]<a href=\"http:\/\/technorati.com\/tags\/kimcameron\" rel=\"tag\" class=\"broken_link\"><\/a> <\/font><\/p>\n<p align=right>\n","protected":false},"excerpt":{"rendered":"<p>If you want proof that protecting personal information is a hard thing and that Data Rejection is a key technology, read this report from the Washington Post: A suspected hacker tapped into a US military database containing social security numbers and other personal information for 33,000 Air Force officers and some enlisted staff. That figure &hellip; <a href=\"https:\/\/www.identityblog.com\/?p=70\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Hacker taps into US military database<\/span><\/a><\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/70"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=70"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/70\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=70"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=70"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=70"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}