January 9, 2017
Seid Yassin (557 articles)


A slew of sensitive data pertaining to psychologists, doctors and other healthcare professionals involved with an arm of the U.S. Department of Defense was recently left unsecured online.

Chris Vickery, a security researcher with MacKeeper who has stumbled across unsecured internal databases before, discovered the information late last month.

Eleven gigabytes of data, including individuals’ names, locations, Social Security numbers, salaries, and assigned units was publicly accessible, Vickery said in a blog post published on New Year’s Eve. Vickery said the data–which has since been secured–belonged to doctors deployed in the United States Special Operations Command (USSOCOM or SOCOM).

The information, accessible as an unprotected remote synchronization (rsync) service, was the property of Potomac Healthcare Solutions, a Woodbridge, Va.-based health services contractor. The facility supplies health workers to the government through the management consulting firm Booz Allen Hamilton.

Included in the breach is data belonging to “at least two Special Forces data analysts with Top Secret government clearance,” Vickery said Saturday. The CEOs of Potomac Healthcare Solutions weren’t exactly receptive when Vickery brought the files to their attention last Thursday. The files remained online an hour after he alerted the firm by phone and email.

According to his blog, it wasn’t until Vickery called a higher up, “Potomac’s boss,” or someone at Booz Allen Hamilton we’re lead to believe, that the files finally went offline.

“Potomac’s files went offline about 30 minutes later. I may never know for sure if that second phone call had anything to do with the documents finally being secured, but I’d like to think it might have helped,” Vickery wrote. “…Let’s hope that I was the only outsider to come across this gem. Let’s really hope that no hostile entities found it. Loose backups sink ships.”

When reached Tuesday, Booz Allen Hamilton said it was looking into the event.

“We take any allegation of a data breach very seriously, including those from our subcontractors. We are looking into this alleged event,” a spokesperson for the firm told Threatpost.

Potomac Healthcare said late Tuesday it was also investigating the incident.

“We are aware of the report from an independent security researcher alleging an unauthorized exposure of sensitive government information. Upon learning of the allegation, we immediately initiated an internal review and brought in an external forensic IT firm for additional support. While our investigation remains ongoing, based on our initial examination, despite these earlier reports, we have no indication that any sensitive government information was compromised. The privacy and security of information remains a top priority, and we will continue to work diligently to address any issues or concerns.”

Source | threatpost