New Zealand Man Buys MP3 Player, Gets 60 Pages Of Sensitive U.S. Military Data - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
Commentary
1/27/2009
02:35 PM
Mitch Wagner
Mitch Wagner
Commentary
50%
50%

New Zealand Man Buys MP3 Player, Gets 60 Pages Of Sensitive U.S. Military Data

New Zealand's Chris Ogle probably thought it was his lucky day when he scored a used MP3 player cheap. But his luck soured when it turned out to be broken -- and loaded with 60 pages of U.S. military data and personally identifying information.

New Zealand's Chris Ogle probably thought it was his lucky day when he scored a used MP3 player cheap. But his luck soured when it turned out to be broken -- and loaded with 60 pages of U.S. military data and personally identifying information.It could have been worse. It could have been a video iPod, filled with the complete run of Dr. Phil.

Ars Technica has the story (although they incorrectly identify the device as an iPod):

The files Ogle found on the [MP3 player] contain the names and personal details of U.S. soldiers, including some who served in Afghanistan and Iraq. There are no details on exactly how many personal records are contained within the documents (most of which date back to 2005), but they do also have information on mission briefings and equipment deployment.

This incident is probably not the worst breach of military data in recent memory. About a year ago, a U.K. military recruitment officer's notebook containing over 600,000 personally identifying, unencrypted records was stolen from his car. In 2007, the U.S. military began clamping down on "milbloggers" who may have inadvertently been giving away too much information to the enemy by posting about day-to-day base operations on increasingly popular public blogs.

"Mr. Ogle said the MP3 had never worked as a music player and he would hand it over to the U.S. Defence Department if asked," according to abc.net.au.

"While the discovery may prove embarrassing to U.S. officials, the outdated files seem to be of little consequence to national security. However, personal information like Social Security and phone numbers could have put individual soldiers at risk for identity theft and personal harm," notes PC World, which adds that U.S. investigators in Afghanistan in 2006 bought stolen flash drives with military information outside Bagram base, a major U.S. military outpost, and the Defense Department later banned use of USB storage devices.

The Obama administration has ambitious plans for using IT to streamline American government, and improve communication with citizens. However, more powerful IT leads to greater vulnerability, unless better security precautions are included in the package.

Enterprises can take a lesson from this. It's the same lesson they can learn from any data breach. Enterprises need to routinely encrypt data on storage devices, be sure to wipe devices prior to selling or giving them away, and control employees putting sensitive data on their personal devices.

And Chris Ogle, who shelled out good money for an MP3 player filled with useless, dangerous data, can take a lesson from this, too: Maybe he should have bought a Zune.

Update, 5:20 pm: Initially, we incorrectly identified the device as an iPod, but it turns out to be some other variety of MP3 player, according to New Zealand's TVNZ. The video shows the device -- it's clearly not an iPod, although I can't identify the brand and model.

Thanks to @daveom, who Twitters from Auckland, New Zealand, for pointing out the error.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll