News Database Security

SSNs, Salary Information Exposed In Breach Of Army Servers

Kelly Jackson Higgins

See more from Kelly

Connect directly with Kelly: Bio | Contact

'Unknown' attackers access databases of information on 36,000 people

Kelly Jackson Higgins December 28, 2012

Army officials have confirmed that cybercriminals obtained personal information of 36,000 people from multiple Army commands and visitors to the former Fort Monmouth base via a server hack.

The Army Communications-Electronics Command (CECOM) told The Asbury Park Press that the data breach "may have affected CECOM, C4ISR (Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance) and nongovernmental personnel as well as persons who may have visited Fort Monmouth."

More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

The Fort Monmouth facility was shuttered in September 2011, and the databases storing its information have since been managed by CECOM personnel based at the Aberdeen Proving Ground in Maryland, where CECOPM and C4ISR were relocated after the Fort Monmouth closing.

A CECOM spokesperson told the newspaper that, at the least, names and Social Security numbers were stolen, and that the databases also included birthplace, home addresses, and salary information.

In a Dec. 18 letter to victims whose data was exposed in the breach, CECOM commanding general Maj. Gen. Robert Ferrell said the hack was detected on Dec. 6 and that the breached databases were taken offline.

The databases included information from CECOM Software Engineering Center personnel files and from Fort Monmouth visitor logs, Ferrell said.

The Army's Cyber Command is overseeing the investigation into the breach, and the Army is offering victims free credit-monitoring service for one year. An Army spokesperson says the attack was waged by an "unknown" attacker and its purpose was also unknown.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins

See more from Kelly

Connect directly with Kelly: Bio | Contact

Dark Reading Discussions

Start the Discussion

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Dark Reading Reports

Security Implications Of Big Data Strategies

To understand how to secure big data, you have to understand what it is - and what it isn't. As organizations set about building big data clusters, they're finding that many of the best practices for securing such clusters are the same used to secure any corporate data. However, there are some big differences as well. Here are some recommendations on how to alter your security strategy to accommodate big data - and when not to.
Building and Maintaining Database Access Control Provisions

Knotted and complex database access permissions are among the biggest threats to enterprise data security. In this Dark Reading report, we examine the problems associated with granting permissions to sensitive data, and recommend solutions that will help organizations thoughtfully and effectively grant privilege when and where it is needed - and only when and where it is needed.
A Guide to Database Activity Monitoring

Database activity monitoring, or DAM, is an effective compliance and security strategy. However, not every DAM system will work the same in every organization. Indeed, not every organization can even make use of every feature that DAM systems provide. In this report, we examine what DAM can and can't do, and recommend how to evaluate and implement the best system for your organization.

Other reports from the Database Security Tech Center:

Related Content

Sponsored by

Control And Protect Sensitive Information In The Era Of Big Data

This report outlines the future look of Forrester's solution for security and risk executives seeking to develop a holistic strategy to protect and manage sensitive data. In the never-ending race to stay ahead of the competition, companies are developing advanced capabilities to store, process, and analyze vast amounts of data from social networks, sensors, IT systems, and other sources to improve business intelligence and decisioning capabilities.
Understanding Holistic Database Security, 8 Steps to Successfully Securing Enterprise Data Sources

This paper discusses the 8 essential best practices that provide a holistic approach to safeguarding data and achieving compliance with a proactive and systematic approach to ensure that corporate databases, data warehouses, file shares and Hadoop-based big data environments are secure from breaches and unauthorized changes, while achieving compliance with key regulations such as SOX, PCI DSS, GLBA, HIPAA and data protection laws.
Database Activities You Should Be Monitoring, Gartner analyst

As data stores grow in scope and importance, the need to monitor activities - especially in RDBMSs becomes essential for meeting legal and regulatory compliance requirements. These databases store huge amounts of sensitive data, affecting both data security and system and data availability. Is the data safe? Who has access and what are they doing with that access?
Top 3 Myths about Big Data Security: Debunking common misconceptions about big data security ebook

Security for big data systems is not optional, it's imperative. This eBook addresses three myths of big data security: 1) Big data is a buzz word; existing security controls will suffice. 2) Big data deals with social media and sentiment analysis; this data is freely given up by individuals, waiving their security rights. 3) Big data equals Hadoop and Hadoop is used for internal analytics only.

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Dark Reading May 2013 Digital Supplemental Issue

Back Issues

In This Issue

The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.

Download Now

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Security

Protect The Business - Enable Access

News Database Security

SSNs, Salary Information Exposed In Breach Of Army Servers

'Unknown' attackers access databases of information on 36,000 people

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Security Implications Of Big Data Strategies

Building and Maintaining Database Access Control Provisions

A Guide to Database Activity Monitoring

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

News Database Security

SSNs, Salary Information Exposed In Breach Of Army Servers

'Unknown' attackers access databases of information on 36,000 people

More Security Insights

White Papers

Reports

Webcasts

Related Reading

Dark Reading Discussions

Start the Discussion

Follow Dark Reading

Dark Reading Reports

Related Content

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue