BreachExchange mailing list archives
Hackers Steal Personal Details of 36, 000 People with US Army Connections
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 31 Dec 2012 15:17:09 -0600
http://www.ibtimes.co.uk/articles/419150/20121229/american-army-hackers-fort-monmouth-cyber-attack.htm Hackers have cracked computer systems connected with a former US military base at Fort Monmouth, New Jersey, stealing the personal details of more than 36,000 people. The main victims of the attack are thought to be personnel at C4ISR (Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance) and Communications-Electronics Command (CECOM). The cyber-attackers also stole the personal information of visitors to the base. Details such as "a mix of full names, dates and places of birth, social security numbers, home addresses, and salaries" have fallen into the hackers' hands, CECOM spokeswoman Andricka Thomas told the Asbury Park Press. Both C4SIR and CECOM were moved to Aberdeen Proving Ground in September 2011, following the closure of Fort Monmouth. The hackers are yet to be identified by the authorities, and the Army's Cyber Command is leading an investigation into the attack. The spokeswoman added that the attack was launched by "unknown" persons and for "unknown reasons". Follow us The breach was discovered on 6 December and the affected databases were immediately shut down. "CECOM takes this incident very seriously and we apologise to all personnel affected. We are taking urgent and decisive action to prevent this from occurring again. This does not affect anyone's ability to do their jobs, or impact entitlements," added Thomas. The commanding officer of CECOM, Major General Robert Ferrell, has sent letters to all the victims of the attack. He said the hackers had gleaned information from visitor logs and from the Software Engineering Centre's personnel files. The US Army has offered one year's free credit monitoring to all those affected by the attack. To report problems or to leave feedback about this article, e-mail:v.sridharan () ibtimes com To contact the editor, e-mail: editor () ibtimes co uk _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Hackers Steal Personal Details of 36, 000 People with US Army Connections Erica Absetz (Dec 31)