The popular security expert Chris Vickery discovered a 11GB archive of Top Secret US SOCOM data that was accidentally leaked.

A subcontractor of the Pentagon has exposed top-secret information of the US Military Special Operations Command (SOCOM) medics.

Exposed records include names, locations, Social Security Numbers, and salaries of the Military SOCOM personnel, the database also included names and locations of at least two analysts of Special Forces. Analysts data have Top Secret government clearance.

The precious archive was accessible on the web and data stored in without encryption, a 11-gigabytes gift to nosy people.

The database was discovered by the popular researcher Chris Vickery, the same expert that discovered several open MongoDB exposed on the Internet.

“A recent data breach discovery of mine contained the names, locations, Social Security Numbers, salaries, and assigned units for scores of psychologists, and other healthcare professionals, deployed within the US Military’s Special Operations Command (SOCOM). Not a single username or password was guarding this intel, which weighed in at over 11 gigs.” reads a blog post published by Vickery.

Vickery discovered the precious archive and reported it to Potomac Healthcare Solutions, the company that provides healthcare workers to the US Government through Booz Allen Hamilton.

The archive includes also pay scales and residency of psychologists and employees at SOCOM.

Experts at Potomac Healthcare Solutions promptly fixed the issue, even if they initially did not seem to take the claim seriously.

“It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac,” added Vickery.

“It shouldn’t take over an hour to contact your IT guy and kill an rsync daemon.”

The exposed data in the wrong hand could allow attacks to conduct a wide range of malicious activities, from kidnapping to scams.

“It’s not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information,” he says.

“Let’s hope that I was the only outsider to come across this gem.”

In December 2015 the security expert Chris Vickery discovered 191 million records belonging to US voters online, in April 2016 he also discovered a 132 GB MongoDB database open online and containing 93.4 million Mexican voter records.In March 2016, Chris Vickery has discovered online the database of the Kinoptic iOS app, which was abandoned by developers, with details of over 198,000 users.

Pierluigi Paganini

(Security Affairs – database, SOCOM)

Update from Potomac Healthcare Solutions

As a follow-up to the initial communication on this issue, Potomac Healthcare Solutions, with support from an external forensic IT firm, has completed its investigation of a security incident involving the unauthorized access of one of our internal servers. Despite earlier media reports, our review, which was immediately initiated after the initial questions were raised, has confirmed that the impacted server did not contain any classified government information or protected medical or personal data related to active duty military personnel or their families. However, the affected server did contain files with data of a limited number of current and former Potomac employees’ personal information. While we have no evidence to suggest that any employee information has been used inappropriately, Potomac is in the process of proactively reaching out to impacted employees to provide guidance on how they can protect themselves and is offering complimentary credit monitoring and identity theft protection services to affected individuals. The privacy and security of personal information is a top priority, and we are committed to taking steps to prevent this type of incident from occurring again in the future.