Data Breach Exposes RAF Staff to Blackmail

Posted on May 28th, 2009

Data Breach Exposes RAF Staff to Blackmail

Posted using ShareThis

Executive summary of the article: Audio recordings of security clearance interviews are stored on an un-encrypted hard drive that goes missing…

This illustrates a break down in not just one system, but several. The obvious failure to protect physical security is bad. The hard drive should have been a controlled item, with proper labeling, and inventoried with the rest of the equipment.

The infosec controls were bad. You’ve got sensitive data on a drive, you should encrypt the drive.

The admin controls were also bad. Why is the material recorded? Why are the recordings kept?

All this badness combines to create a really horrible problem for the RAF. Someone, somewhere, now has audio of RAF employees that can be used to discredit the service or to exploit the individuals. Even if the RAF pulls the clearances and re-assigns the employees, now the RAF has to scramble to replace people in trusted positions. It’s a bad day for the RAF…

Posted in Technology | Tagged as: , , | Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Categories

  • Advertisment

  • What am I playing?

  • Meta