Defense

Sensitive Pentagon files found unsecured on AWS server

A cybersecurity analyst discovered more than 60,000 sensitive Defense Department files on a publicly accessible Amazon Web Services server after contractor Booz Allen Hamilton appears to have left them there unsecured.

By FedScoop Staff

June 1, 2017

(Getty Images)

Chris Vickery, an analyst at the cybersecurity firm UpGuard who first found the files, told sister publication CyberScoop it’s “highly likely” that malicious actors are downloading this publicly exposed data but said it remains unclear if anyone realized and acted on the gravity of the exposed data. A large part of Booz Allen Hamilton’s business is contracting with intelligence agencies.

The data leakage was first reported by Gizmodo on Wednesday.

Although none of the files were classified, they included passwords to sensitive government systems, credentials belonging to a senior engineer at Booz Allen Hamilton, vulnerability reports on government source code and government contractors with Top Secret clearances. The exposed files are linked to the National Geospatial-Intelligence Agency (NGA), the Department of Defense agency that collects and analyzes data gathered by satellites and drones for the U.S. military and intelligence community.

Sensitive Pentagon files found unsecured on AWS server

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

Oracle approved to handle government secret-level data

Top Stories

DOJ seeks public input on AI use in criminal justice system

GSA taps TTS deputy director to take top Login.gov role next month

CISA’s chief data officer: Bias in AI models won’t be the same for every agency

Scientists must be empowered — not replaced — by AI, report to White House argues

404 page: the error sites of federal agencies

White House hopeful ‘more maturity’ of data collection will improve AI inventories

Generative AI could raise questions for federal records laws

More Scoops

Department of Justice drops challenge of Booz Allen-EverWatch deal

NSA awards $284M cybersecurity services contract to CACI

NSA to reconsider $2.4B analyst contract after protests from Booz Allen and Leidos

Federal judge denies second attempt from DOJ to obtain interim injunction in Booz Allen-EverWatch case

Booz Allen acquisition of EverWatch unlikely to harm competition says federal judge

Booz Allen Hamilton completes EverWatch acquisition

Federal judge declines to grant DOJ interim injunction in Booz Allen antitrust case

Latest Podcasts

Sensitive Pentagon files found unsecured on AWS server

Scientists Must Be Empowered, Not Replaced by AI

Leveraging modern access management to achieve zero trust

The role of the federal chief AI officer

Tech

Defense

Cyber

Acquisition