Data Breach at Marine Corps Forces Reserve Affects Thousands
Approximately 21,426 people were affected when a data breach at Marine Corps Forces Reserve occurred on Monday morning. An unencrypted email with an attachment that contained personal information of thousands of Marine Reservists was sent to the wrong list. USMC believes that no malicious intent was involved.
Not malicious, but not smart
In 2015, ISIS posted a kill list of 41 Marines and their personal information. They found that information on publicly accessible forums and social media accounts. This data breach is just another way security for military personnel to be compromised. It may not have been malicious, but it was certainly not smart.
According to the Marine Corps Times,
“The compromised attachment included highly sensitive data such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing address, residential address and emergency contact information, Maj. Andrew Aranda, spokesman for Marine Forces Reserve said in a command release.
That email was a roster sent out by the Defense Travel System, or DTS, Marine Corps Times has learned. DTS is a Defense Department system that assists military and civilian defense personnel with travel itineraries and settling expenses from official authorized trips.
“It was very quickly noticed and email recall procedures were implemented to reduce the number of accounts that received it,” Aranda said.
The email containing the data was sent within the usmc.mil official unclassified Marine domain, but also to some civilian accounts.”
In 2015, data breaches within the Federal Government created security issues for 4.2 million Federal employees and compromised the security clearances of 21.5 million people. The Office of Personnel Management came up with 11 fixes, but not all had been completed as of August, 2017.
The hazards of utilizing contracted firms for these types of information can also be an issue. But in this current case it appears to be a blunder by someone who was just passing information from point A to point B and simply malfunctioned.
In the 2015 hacking of the OPM, it was generally thought that China hacked into the system when people filled out an SF-86 form for employment with the Federal Government. But when sensitive information began surfacing on the “darknet,” in that case “malicious intent” was obvious.
We sincerely hope no sensitive information on those 21,426 Marine Reservists will be surfacing on the “darknet.”