The Army National Guard has exposed the personal information of more than 850,000 current and former members, by improperly handling a data transfer.
The servicemen and women may have had their names, home addresses, Social Security numbers, and dates of birth exposed when that data was transferred to a non-Department of Defense-accredited data center by a contract employee as part of a budget analysis.
An Army National Guard spokesperson described it as “more of a poor security practice,” than a breach, though classified as a breach.
"We believe the specific files containing [personal information were] safeguarded and not used to compromise anyone's identity," Kurt Rauschenberg told Army Times. "However, we want the public to know what happened just in case."
IDT911’s chairman and founder and the former director of NJ Division of Consumer Affairs, Adam Levin, told Infosecurity that the problem with most government agencies (and thousands of businesses) is that they have “perfected poor security practices as an art form.”
“These sub-par efforts leave the door open to breaches—and literally none was a serious as the recent breach of the Office of Personnel Management where over 22 million Americans have seen their most sensitive information exposed and are now at risk due to an epic security fail,” he said. With breaches having become the third certainty in life, we cannot afford to allow poor security practices to put our people—particularly the defenders of our way of life—in harm’s way. This incident demonstrates once more that any system is only as secure as its weakest link and humans have proven yet again that we are the weakest link.”