The US Department of Defense (DoD) has been affected by a data breach after a huge volume of its critical intelligence data was exposed on a publicly accessible server.
UpGuard, a cybersecurity company in the US, has discovered that more than 100GB of data belonged to the US Army Intelligence and Security Command (INSCOM), a joint US Army and National Security Agency (NSA) Defense Department command, according to media sources.
The INSCOM is responsible for gathering intelligence data for US military and political leaders.
The DoD information was leaked on to a public Amazon Web Services S3 cloud storage bucket.
The server contained a total of 47 viewable files and folders in the main repository, three of which were also downloadable.
The leaked files include sensitive details about the DoD’s battlefield intelligence platform, the distributed common ground system – army (DCGS-A) and the platform’s troubled cloud auxiliary, Red Disk.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThese files also contain private keys used for accessing distributed intelligence systems and hashed passwords that can be used to further access internal systems.
Commenting on the data leak, UpGuard stated: “Plainly put, the digital tools needed to potentially access the networks relied upon by multiple Pentagon intelligence agencies to disseminate information should not be something available to anybody entering a URL into a web browser.
“Although the UpGuard Cyber Risk Team has found and helped to secure multiple data exposures involving sensitive defence intelligence data, this is the first time that clearly classified information has been among the exposed data.”
Additionally, UpGuard found a virtual hard drive and Linux-based operating system that could be used for receiving DoD data from a remote location.