Slashdot Mirror
Top Defense Contractor Left Sensitive Pentagon Files on Amazon Server With No Password (gizmodo.com)
Sensitive files linked to the National Geospatial-Intelligence Agency -- which works with the nation's intelligence agencies to analyze aerial data -- were apparently left on a public Amazon server by an employee of Booz Allen Hamilton, one of the nation's top defense contractors, reports Gizmodo. From the article: A cache of more than 60,000 files was discovered last week on a publicly accessible Amazon server, including passwords to a US government system containing sensitive information, and the security credentials of a lead senior engineer at Booz Allen Hamilton. What's more, the roughly 28GB of data contained at least a half dozen unencrypted passwords belonging to government contractors with Top Secret Facility Clearance. The exposed credentials could potentially grant their holders further access to repositories housing similarly sensitive government data. Countless references are made in the leaked files to the US National Geospatial-Intelligence Agency (NGA), which in March awarded Booz Allen an $86 million defense contract. Often referred to as the Pentagon's "mapmakers," the combat support agency works alongside the Central Intelligence Agency, the National Reconnaissance Office, and the Defense Intelligence Agency to collect and analyze geospatial data gathered by spy satellites and aerial drones. The NGA on Tuesday confirmed the leak to Gizmodo while stressing that no classified information had been disclosed.
Accidentally, on porpoise?
> . . . an employee of Booz Allen Hamilton
Isn't that the company Snowden worked for?
I'll see your senator, and I'll raise you two judges.
Refuse to allow Booz any new government contracts for their incompetence. (Won't happen)
Especially if no harm was done.
> The NGA on Tuesday confirmed the leak to Gizmodo while stressing
> that no classified information had been disclosed.
So no harm, no foul fowl.
> “NGA takes the potential disclosure of sensitive but unclassified information
> seriously and immediately revoked the affected credentials,”
> an agency spokesperson said.
I feel safer already. They closed the barn door after it came to their attention that the horse had escaped.
> The Amazon server from which the data was leaked was “not directly
> connected to classified networks,” the spokesperson noted.
That makes me wonder how the information got there then. It must have been some really strange kind of unintentional accident if there is no possible connection between the networks.
> Typically, US government servers hosted by Amazon are segregated into
> what’s called the GovCloud—a “gated community” protected by advanced
> cryptography and physical security. Instead, the Booz Allen bucket was found
> in region “US-East-1,” chiefly comprised of public and commercial data.
So however these 60,000 files weighing in at 28 GB, and "contain[ing] at least a half dozen unencrypted passwords belonging to government contractors with Top Secret Facility Clearance", must have gotten there through some amazing series of unintentional accidents.
Will wonders ever cease?
I'll see your senator, and I'll raise you two judges.
Triangle. Congress critters control taxpayer money used by the military. The military uses private contractors in those congress critters' districts. Those private contractors control the money given to congress critters, thus completing the triangle.
I'll see your senator, and I'll raise you two judges.
I've heard the Hillary defense many times. I'm not sure how it would apply here. Or maybe I'm thinking of the wrong Hillary defense.
The Hillary defense goes something like this: . . . . bu, bu, but Hillary's email servers! And Hillary this, and Obama that and Hillary something else! What about those? It's so unfair!
I'll see your senator, and I'll raise you two judges.
Intent does not change the color of the pregnancy test stick.
Intent does not bring people back to life after collision with drunk driver.
Intent is not going to undo the results that will follow from putting a clown circus in power.
The road to somewhere is paved with good intentions.
I'll see your senator, and I'll raise you two judges.
The actual Hillary defense would hold up quite well, and always will: you have more dirt on everyone important involved in the process than what you're accused of. Hard to pull off if you weren't recently married to someone with access to the classified dossiers of every congresscritter and senior bureaucrat, however.
Heck, the only reason Obama was able to take the primary was that he came out of nowhere, so the Clintons didn't have any dirt on him.
Socialism: a lie told by totalitarians and believed by fools.
Why do documents with plain-text user credentials exist ANYWHERE, for ANY REASON in the first place? Is the government (or at least the NGA) really that completely incompetent? This is shocking! I don't care that it was leaked. We need to assume that is ALWAYS going to happen. I care that such documents were ever created in the first place.
> The Amazon server from which the data was leaked was “not directly
> connected to classified networks,” the spokesperson noted.
That makes me wonder how the information got there then. It must have been some really strange kind of unintentional accident if there is no possible connection between the networks.
I don't understand the confusion. The Amazon server was never connected to a classified network and no classified information was leaked. It would be a really strange accident if data had migrated off of a classified network. That didn't happen.
He's getting rather old, but he's a good mouse.
...quick question: did this numbskull ACTUALLY GET FIRED?
Because what I'm finding in our firm's dealing with government and contractors is that very, very few people are ever *actually* held accountable for fuckups.
And I'm talking about people from congresscritters and senior presidential staff on down.
-Styopa