Feeds

US Army loses 16,000 personnel records in South Korea

Not a M*A*S*H* rerun - ARMY 'fessed up to haXXor attack yesterday

Choosing a cloud hosting partner with confidence

Sensitive information of more than 16,000 US Army personnel stationed in South Korea, plus data on local employees and job applicants, appears to have been compromised after databases loaded with names, identification numbers and addresses were accessed by unauthorised and unknown parties.

Specific details of how the 28 May raid was launched were not disclosed. but banking details and classified data was not compromised.

The Army's South Korean outpost apologised in a letter (PDF) to troops and job seekers signed by US Army Commander Curtis M Scaparrotti.

"United States Forces Korea (USFK) was made aware of a potential theft of personal information from the Korean National Recruitment System maintained by the US Department of the Army," Scaparrotti said.

"We deeply regret and apologise for any inconvenience and concern this matter may cause you. USFK takes this compromise very seriously and is reviewing policies and practices with a view of determining what must be charged to preclude a similar occurrence in the future."

The Army was consulting with senior US and Korean officials over the incident and has pulled the affected machine from its network and switched to a different system to handle employment applications.

One of the most significant breaches to affect Defence occurred in 2008 when an infected USB drive was plugged into a laptop at a US Army base in the Middle East.

Deputy Defence secretary William Lynn said at the time the incident created a "digital beachhead" for further attacks and data exfiltration.

Another major breach occurred in 2009, when a hard drive containing details on 70 million US Army Veterans was sent to a recycling plant without first being irreversibly erased. ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
China is ALREADY spying on Apple iCloud users, watchdog claims
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.