Very few details are available for Missouri National Guard breach
Technorati Tag: Security Breach
Date Reported:
7/15/08
UPDATED ON 7/16/08:
The St. Louis Post-Dispatch reports that this breach was caused by a "laptop and other computer equipment", source: St. Louis Post-Dispatch
Organization:
National Guard Bureau
Contractor/Consultant/Branch:
Missouri National Guard ("MOGUARD")
Victims:
"Citizen-Soldier and employee"s
Number Affected:
"approximately 2,000"
Types of Data:
"some personal information"
Breach Description:
"The Missouri National Guard learned on Monday, July 14, 2008, that some personal information was compromised. Details of how this information was compromised are being withheld at this time, so as not to interfere with the ongoing law enforcement investigation."
Reference URL:
Missouri National Guard Press Release
St. Louis Post-Dispatch
Report Credit:
Missouri National Guard
Response:
From the online sources cited above:
The Missouri National Guard learned on Monday, July 14, 2008, that some personal information was compromised.
Details of how this information was compromised are being withheld at this time, so as not to interfere with the ongoing law enforcement investigation.
[Evan] Sounds like a good excuse to not reveal details.
It is important to note that we have no reason to believe that the information that was compromised was for the purpose of gaining Citizen-Soldier or employee information or that the information has been or will be used inappropriately.
[Evan] It's nice that MOGUARD can make this judgment call on behalf of the victims. Its too bad the victims are not allowed to make a determination themselves based on the facts surrounding this breach.
The Missouri National Guard has a list of those Citizen-Soldiers or employees whose information was compromised.
[Evan] Keyword is "was", and not the phrase "may have been".
Letters are being sent to these individuals and/or their Families.
The list includes approximately 2,000 individuals.
At this time we have no confirmation of misuse of Citizen-Soldier or employee information resulting from the loss.
"I am distressed that sensitive information has been compromised," Major General King Sidwell
[Evan] I am impressed when a leader of an organization steps forward and speaks about a breach. In my opinion it demonstrates strong leadership and the understanding that the "buck" ultimately stops with him.
"I am especially concerned about the problems and inconveniences this may cause for our Missouri National Guard Citizen-Soldiers and their families," King said.
Because Social Security Numbers may have been contained within the missing information, we advise individuals to monitor financial accounts continuously for suspicious activity as a matter of good practice.
[Evan] This statement provide a clue as to what "some personal information" may be.
The Missouri National Guard has safeguards in place to protect private information.
We provide ongoing privacy training to all employees.
The Missouri National Guard has taken action to rectify this unfortunate situation, and is working to insure our Citizen-Soldier’s or employee’s information receives the highest standard of security and privacy protection.
Any soldier or family member with questions should call a hotline number at 1- extension 7888.
If the soldier is deployed overseas, the soldier may use the Defense Switching Network and call extension. 7888.
Commentary:
We have no idea as to what the cause of this breach may have been. Anyone want to guess? If so, post a comment.
It’s a little ironic. I was just typing an email response to an information security friend of mine about military breaches and the way the military has a completely different way of disclosing details (if any). This breach is proof positive. We'll have to see if further details emerge over time.
I sincerely hope that the owners of the "personal information" (the victims) get all of the answers that they require in order to evaluate risk themselves and make educated decisions on how they will proceed.
Past Breaches:
Unknown
Date Reported:7/15/08
UPDATED ON 7/16/08:
The St. Louis Post-Dispatch reports that this breach was caused by a "laptop and other computer equipment", source: St. Louis Post-Dispatch
Organization:
National Guard Bureau
Contractor/Consultant/Branch:
Missouri National Guard ("MOGUARD")
Victims:
"Citizen-Soldier and employee"s
Number Affected:
"approximately 2,000"
Types of Data:
"some personal information"
Breach Description:
"The Missouri National Guard learned on Monday, July 14, 2008, that some personal information was compromised. Details of how this information was compromised are being withheld at this time, so as not to interfere with the ongoing law enforcement investigation."
Reference URL:
Missouri National Guard Press Release
St. Louis Post-Dispatch
Report Credit:
Missouri National Guard
Response:
From the online sources cited above:
The Missouri National Guard learned on Monday, July 14, 2008, that some personal information was compromised.
Details of how this information was compromised are being withheld at this time, so as not to interfere with the ongoing law enforcement investigation.
[Evan] Sounds like a good excuse to not reveal details.
It is important to note that we have no reason to believe that the information that was compromised was for the purpose of gaining Citizen-Soldier or employee information or that the information has been or will be used inappropriately.
[Evan] It's nice that MOGUARD can make this judgment call on behalf of the victims. Its too bad the victims are not allowed to make a determination themselves based on the facts surrounding this breach.
The Missouri National Guard has a list of those Citizen-Soldiers or employees whose information was compromised.
[Evan] Keyword is "was", and not the phrase "may have been".
Letters are being sent to these individuals and/or their Families.
The list includes approximately 2,000 individuals.
At this time we have no confirmation of misuse of Citizen-Soldier or employee information resulting from the loss.
"I am distressed that sensitive information has been compromised," Major General King Sidwell
[Evan] I am impressed when a leader of an organization steps forward and speaks about a breach. In my opinion it demonstrates strong leadership and the understanding that the "buck" ultimately stops with him.
"I am especially concerned about the problems and inconveniences this may cause for our Missouri National Guard Citizen-Soldiers and their families," King said.
Because Social Security Numbers may have been contained within the missing information, we advise individuals to monitor financial accounts continuously for suspicious activity as a matter of good practice.
[Evan] This statement provide a clue as to what "some personal information" may be.
The Missouri National Guard has safeguards in place to protect private information.
We provide ongoing privacy training to all employees.
The Missouri National Guard has taken action to rectify this unfortunate situation, and is working to insure our Citizen-Soldier’s or employee’s information receives the highest standard of security and privacy protection.
Any soldier or family member with questions should call a hotline number at 1- extension 7888.
If the soldier is deployed overseas, the soldier may use the Defense Switching Network and call extension. 7888.
Commentary:
We have no idea as to what the cause of this breach may have been. Anyone want to guess? If so, post a comment.
It’s a little ironic. I was just typing an email response to an information security friend of mine about military breaches and the way the military has a completely different way of disclosing details (if any). This breach is proof positive. We'll have to see if further details emerge over time.
I sincerely hope that the owners of the "personal information" (the victims) get all of the answers that they require in order to evaluate risk themselves and make educated decisions on how they will proceed.
Past Breaches:
Unknown
Posted by Evan Francen at 7/15/2008 2:01 PM 
Categories: National Guard Bureau, Nobody Knows, Stolen Laptop
Categories: National Guard Bureau, Nobody Knows, Stolen Laptop
Posts Atom 1.0
Comments