Lt. Colonel’s unsecured backup drive exposes thousands of US Air Force documents

Air Force breach

Security researchers discovered an unsecured hard drive containing sensitive data on the Air Force network, according to reports throughout mainstream media.

The device, which purportedly belonged to a Lt. Col., revealed a trove of sensitive documents that included Personnel by Eligibility and Access Reports listing the names, rank and social security numbers for more than 4,000 officers, according to reporting on ZDNet.

Although the Privacy Act statement at the bottom of each page read, “Under the Privacy Act of 1974, you must safeguard personnel information retrieved through this system,” it appears the statement is more eyewash than doctrine.

Researchers said gigabytes of information were accessible to anyone because the internet-connected backup drive was not password protected.

Information not normally considered sensitive, such as names and addresses, makes the breach extremely troubling when paired with other material. More troubling may be derogatory information found on individuals allegedly under investigation.

According to, one of the most sensitive files is a spreadsheet of open investigations.

The story reports the spreadsheet of open investigations included the name, rank, location, and a detailed description of the accusations. The investigations range from discrimination and sexual harassment to more serious claims. One example is an investigation into a Maj. Gen. who is accused of accepting $50k a year from a sports commission that was supposedly funneled into the National Guard. There were many other details from investigations that neither the Air Force nor those being investigated would want publicly leaked.

The hard drive also contained a scanned image of the source’s JPAS account (Joint Personnel Adjudication System) from the Department of Defense. This document, dated Mar. 12, 2017 and originating from Aviano Air Base, Italy, included the login URL, user ID and password to access the system. JPAS accounts are only assigned for authorized. The database also included a copy of the North Atlantic Treaty Organization (NATO) Information Security Training Manual and many other documents that may or may not be publicly available.

Among the most damaging documents on the drive were the completed applications for renewed national security clearances for two US four-star generals, both of whom recently had top US military and NATO positions.

Both of the SF86 applications contain highly sensitive and detailed information, including financial and mental health history, past convictions, relationships with foreign nationals and other personal information, according to ZDNet.

Subject-matter experts said the information harvested during the leak, although not officially considered classified, is typically closely guarded.

“Even if the SF86 answers are innocuous, because of the personal information within the form there is always the risk of identity theft or financial fraud that could harm the individual and potentially compromise them,” said Mark Zaid, a national security attorney, in an email to ZDNet.

This is the latest in a string of breaches during the past few months.

In December, Potomac Healthcare Solutions, a subcontractor brought on board to supply healthcare professionals to the US government and military organizations through its Washington, DC-based contractor Booz Allen Hamilton, was the source of a data leak.

ZDNet reports many of the victims involved in the data leak are part of US Special Operations Command (SOCOM), which includes those both formerly employed by US military branches, such as the Army, Navy, and Air Force, and those presumably still on active deployment.

The bulk of the data harvested during this earlier breach was made up of military personnel files and lists of physical and mental health support staff, including nurses, doctors and mental-health professionals. reports the device responsible for the recent leak has been taken offline since the leak was discovered. However, it is unclear if anyone other than members of the MacKeeper Research Team had access to the files or how long the files were available.

An Air Force spokesperson said the branch is aware of the situation, but would not comment on the specifics of the investigation.

© 2017 Bright Mountain Media, Inc. All rights reserved.
