http://www.computerworld.com/securitytopics/security/story/0,10801,104080,00.html
By Linda Rosencrance
AUGUST 19, 2005
COMPUTERWORLD
The U.S. Air Force is notifying more than 33,000 officers that their
personal data has been breached by a malicious hacker, the Air Force
said [1] today.
The hacker used a legitimate user's ID and password to access personal
information on the officers contained in the Assignment Management
System (AMS), an online program used for assignment preferences and
career management, the Air Force said. That data included career
information, birth dates and Social Security numbers.
Lt. Col. Michele Dewerth, a spokeswoman for the Air Force Personnel
Center (AFPC) at Randolph Air Force Base in Texas, said there has been
no evidence of identify theft.
A systems operator at the air base discovered the breach sometime
between May and June, Dewerth said. She declined to be more specific
because of the ongoing investigation.
"Immediately upon discovery we put more security measures in place,"
she said.
The personnel center also notified Air Force and federal investigators
that there was unusually high activity on a single user's AMS account
in June, according to the statement.
"We notified airmen as quickly as we could while still following
criminal investigation procedures with the [Air Force's Office of
Special Investigations]," said Maj. Gen. Tony Przybyslawski , AFPC
commander. "Protecting airmen's personal information is something we
take very seriously, and we are doing everything we can to catch and
prosecute those responsible under the law."
The breach involved data on half of the force's approximately 70,000
officers. It also affected fewer than 20 enlisted personnel, the Air
Force said.
[1] http://www.afpc.randolph.af.mil/pubaffairs/release/2005/08/AMS.htm
_________________________________________
Attend ToorCon
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org
