Not the only tech news
The Equifax hack affected 143 million people. During the 2016 Presidential Election, 21 states were targeted by Russian hackers.
Both stories have dominated the news cycle but there is one lesser known breach that has not garnered the same level of attention.
What’s on the liene
Thousands of veterans’ information was compromised when their resumes were left unprotected and accessible by the public. The resumes were originally sent to TigerSwan, a protection and risk assessment organization that is known to hire veterans. It was started by retired members of the US Delta Force, and they have made it a point to employ former members of the Special Forces.
Unlike the Equifax hack, there was no direct breach to security of TigerSwan.
There was, however, a highly overlooked vulnerability that opened the doors for anyone to view and use their private information. TigerSwan used a third party recruiter, TalentPen, to process job applications.
TalentPen uploaded the applications to an Amazon Web hosted cloud storage folder, not so discreetly named “Resumes,” to store the data. The problem is that such cloud storage was left unsecured. Anyone with the internet could access the 9,402 files that were available.
No Small Deal
Though resumes do not contain the most personal information, they do offer a look into the personal employment history of an individual.
In this case, that information is serious, because many of the applicants had top security clearance.
Some of the applicants also included citizens of Iraq and Afghanistan who worked for the US forces from abroad. There is no telling what foreign government agencies could do with this information. In addition, the applications listed home addresses, phone numbers, driver licenses and passport numbers.
The Next Steps
Cyberattacks, while always a threat, are becoming more prominent than ever. Regardless of whether you’ve been affected by one yet, it is important to be aware of your security online. For those applicants of TigerSwan, there are a few things to do that can help protect their information.
Think of how many accounts can be accessed using your social security number. Take immediate action by changing all online passwords and answers to your security questions.