Security Lapse Exposed Thousands of Sensitive Files from US Citizens, TigerSwan Explains
From the latest shared news information through rt.com, a recruitment agency in the United States failed to keep the stored personal data of almost 9,400 individuals and the public were able to view them because of huge security lapse or negligence.
Based on the report, the data contain sensitive files of former intelligence, military and government personnel in America.
The problem arises when they discovered the thousands of confidential files of the former personnel or workers in an incorrect public-facing could server of Amazon. The almost 9,400 filed are containing the personal data of different former or ex military personnel, government and intelligence employees.
They recognized some of the exposed data as Top Secret security clearances.
According to the report of Gizmodo, the clearances are from those people who work at TigerSwan, which is a private cyber security agency based in North Carolina.
A researcher from the UpGuard Company discovered the exposed confidential files in a folder specified as “resumes.” After checking them, they found out that these are thousands of Curriculum Vitae records or CVs from citizens of America and some are classified of Top Secret security clearances.
From these files, they include those from people who worked from the National Security Agency (NSA), Central Intelligence Agency (CIA), United States Secret Service, Military and other government firms in the country.
“A cursory examination of some of the exposed resumes indicates not merely the varied and elite caliber of many of the applicants as experienced intelligence and military figures, but sensitive, identifying personal details,” stated UpGuard as quoted by Gizmodo online.
The researcher who discovered the security lapse is Chris Vickery.
As from the report of the Hill, there are also exposed sensitive files or data containing the CVs of an employee from the United Nations and a chief of police who worked in Middle East. Moreover, there are revealed information in public about particular citizens of Afghanistan and Iraq who had linked and worked together with the military of the US.
Gizmodo likewise revealed that some affected individuals in this kind of security lapse have involvement to sensitive operations before such as an applicant who is responsible in transporting the activation codes of a nuclear and weapon elements too. This kind of job is definitely a confidential and a high profile task to consider and must not be exposed in public.
It appears that the issue about the security lapse needs the full attention of the authorities.
From the exposed data, they include the home addresses, personal contact details, personal emails and phone numbers of the affected individuals. Although the leak of security lapse is pointing out TigerSawan as responsible, the private security agency however is blaming TalentPen for the problem.
“At no time was there ever a data breach of any TigerSwan server,”said TigerSwan as cited by the news online.“All resume files in TigerSwan’s possession are secure. We take seriously the failure of TalentPen to ensure the security of this information and regret any inconvenience or exposure our former recruiting vendor may have caused these applicants,” the security company added.
TalentPen is actually a hired outsourcing service that process applicants for new jobs.
In line with this issue, Vickery likewise said that he is hoping that no other abusive people had discovered the exposed confidential files. This is truly important because they might utilize them for unlawful activities without the knowledge of the exact owners, which can even compromise their identities.
It was only on August when they delete the files from the cloud server since the UpGuard researcher discovered them last July, added by the news online. With the many online hackers today who steal personal information illegally, it is very important for any company or business to safeguard all important details to avoid any kind of hacking incident.