Slashdot Mirror

← Back to Stories (view on slashdot.org)

Server with Top-Secret Data Stolen

Posted by Zonk on from the don't-walk-around-with-that-stuff dept.

An anonymous reader writes "Usually missing information stories are fairly low key; the loss of a few thousand student records is cause for concern for those involved, but hardly national security. This one is slightly different. The company Forensic Telecommunications Services has announced that a server containing 'thousands of top-secret mobile phone records and evidence from undercover terrorism and organized crime investigations' has been stolen. From the article: 'The company — whose clients include Scotland Yard and the Crown Prosecution Service — has assured the public that the server is security protected, and the breach will not compromise ongoing police operations. The information is made up of either old cases that have passed through the judicial process, or cases that are already in the judicial system and so subject to full disclosure to both defense and prosecution teams.'"

16 of 142 comments (clear)

  1. Just FYI... by daveschroeder · · Score: 4, Informative

    ...Forensic Telecommunications Services is a UK company, not a US company, so please keep that in mind when crafting your comments.

    (And yes, this is fairly plainly obvious to anyone who takes a moment to look.)

    1. Re:Just FYI... by Control+Group · · Score: 4, Funny

      But the British government has been in bed with the US government for years, which means they pretty much do whatever the US tells them to, which means they're pretty much just a US colony, which means that this loss is obviously attributable to FBI negligence, which is clearly linked to the PATRIOT Act, which means that it's the sole responsibility of the current administration - and we all know how Karl Rove likes to publicize secret information; this loss is obviously why he's resigning - which means that George W. Bush wants criminals to go free, so he can further consolidate his power and declare himself interim president for life!!!

      CAN'T YOU SEE, MAN? IT'S THE END OF FREEDOM!

      --

      Reality has a conservative bias: it conserves mass, energy, momentum...
  2. Isn't it obvious? by thatskinnyguy · · Score: 3, Funny

    I blame the intern!

    --
    The game.
  3. Top secret public records? by mmarlett · · Score: 5, Insightful

    Which is it: Top secret phone records or information that has already been released in court cases? It doesn't seem like the two are the same.

    1. Re:Top secret public records? by yog · · Score: 4, Insightful

      I don't get it. What happened to locks, keys, and trusted employees? It seems like companies and government organizations are constantly leaving sensitive materials in cars or in unsecured locations where they can be stolen by opportunistic thieves. After thousands of years of civilization, and with all the fancy technology at our disposal today, have we learned nothing about how to keep important materials out of mischievous hands?

      A server with sensitive information should not be on the public internet, and it should not be on the premises of a subcontractor! It should be safe behind locked doors with access only by a select few, and protected by strong encryption too. I just don't get it; it's kind of depressing.

      --
      it's = "it is"; its = possessive. E.g., it's flapping its wings.
    2. Re:Top secret public records? by dmpyron · · Score: 3, Interesting

      I've handled TS and above at a number of contractors over the years. That said, "What happened to locks, keys, and trusted employees?". And how do you get a server out of the building? Stuff in down your pants? I've never worked anywhere where areas with classified information weren't surrounded by cameras. And access control. And lots of other means of tracking the comings and goings. There's more to this story than has been made public.

      The lady doth protest too much, methinks. Something is rotten in the state of Denmark.

      Either there really wasn't much to worry about or they are secretly passing rectangular pieces of firehardened clay out their anuses. And these guys are called a "security" firm!

  4. I could sure trust them by faloi · · Score: 5, Insightful

    Except that their physical security is apparently so poor that I can't imagine their data security is much better.

    "All the data is protected, as long as the thieves don't look at the password sticker hidden inside the case."

    --
    "It is a miracle that curiosity survives formal education." -Albert Einstein
  5. Good thing I didn't have anything to hide, by MrMr · · Score: 4, Funny

    from the Russian mafia.

  6. Wrong Terminology by stewbacca · · Score: 4, Insightful

    "Top Secret" is a term reserved for government classification schemes (in the US) and is clearly outlined by US laws. Using "Top Secret" for a business is just sensationalism. This business lost sensitive data, not "Top Secret" data.

    1. Re:Wrong Terminology by stewbacca · · Score: 5, Informative
      I was a contractor that handled real Top Secret data and that term is reserved for government classified data only. Contractor's own stuff is neither Top Secret, nor protected under the provisions provided to government Top Secret data. My point is that there are too many stories from JoeBlow, Inc. that report "Top Secret" information being stolen just to sensationalize the story. To working professionals in the Intel field, the notion that Top Secret data was stolen is a national security crisis, only to read in the story that some stupid company lost some data with private information in it.

      True, that many countries share classification terminology. England, Canada, U.S. and Australia, for example, have all worked to synchronize their terms and laws. But the common thread is that these are all covered by government classification guidelines, not the private sector.

      I suppose the info in the story could be "Top Secret" in the true sense of the word, but if this company was a contractor handling real Top Secret (ie, government classified) data, it would be a much bigger story than something buried in slashdot ;-)

    2. Re:Wrong Terminology by stewbacca · · Score: 4, Informative

      Contractors working with US classified documents are bound to the same rules and regulation as government employees when handling classified data. My point is that companies can't just make up their own classification of something being "Top Secret". Boeing doesn't have the right to make something they created "Top Secret" just because Boeing thinks it is Top Secret. Only the government classification authority can designate a classification of: Unclassified, Confidential, Secret, or Top Secret. Anything else would be internal corporate policy, but any naming convention Boeing comes up with on their own is NOT provided the same protections under US Law that real government classifications are. (I may sound like a broken record, but I used to teach this stuff to government employees).

  7. Private company????? by Anonymous Coward · · Score: 3, Insightful

    Shouldn't someone explain wtf does top secret policial information in the hands of a corporation? Such information should be gathered, kept and custodied by police.

  8. This was a Physical Break in by varmittang · · Score: 3, Informative

    "FTS can confirm that the company was recently the victim of a break-in at one of our premises in Kent. As a result, some IT equipment including a server was stolen."

    Very important info for all those who want to start a flame war about what OS it was running and why it was connected to the Internet.

    --
    -----BEGIN PGP SIGNATURE-----
    12345
    -----END PGP SIGNATURE-----
  9. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  10. Protected how? by hcdejong · · Score: 3, Funny

    1. Cryptonomicon-style, with a big coil embedded in the door frame of the room where the server was stored (question is, would that even work, without using an MRI as the coil)
    2. with a brick of thermite on a proximity detonator inserted into the case
    3. boring ol' cryptography

  11. Laptops, always, desktops, yes, servers - ? by caluml · · Score: 3, Insightful

    Well, I always use encrypted partitions for equipment that could be stolen - laptops, or my home PC - but I wouldn't consider it for servers.
    This makes you think though.

    --
    Get your own free personal location tracker