Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability discovered in a server operated by health services contractor Potomac Healthcare Solutions.
MacKeeper Security Researcher Chris Vickery discovered in late December that Potomac, which provides healthcare workers to the government through Booz Allen Hamilton, was running an unprotected remote synchronization (rsync) service which exposed no less than 11 gigabytes of data.
It looks like the leaked details included the names, locations, Social Security Numbers, salaries, and assigned units for psychologists, and other healthcare professionals. In addition, the information of at least two Special Forces data analysts with Top Secret government clearance was also included.
Vickery contacted Protomac to report the issue, but after a discussion with the CEO, he was requested to send an email to detail his findings. One hour later, he says, the data was still there accessible to any potential attack, so he decided to get in touch with other government sources close to Protomac’s activity.
“Potomac’s files went offline about 30 minutes later. I may never know for sure if that second phone call had anything to do with the documents finally being secured, but I’d like to think it might have helped,” he explains.
Promomac: We’re investigating
Earlier this week, Protomac said they were still investigating the breach, emphasizing that until that point, it found no evidence that any personal details were compromised.
“We are aware of the report from an independent security researcher alleging an unauthorized exposure of sensitive government information. Upon learning of the allegation, we immediately initiated an internal review and brought in an external forensic IT firm for additional support,” the firm was quoted as saying.
“While our investigation remains ongoing, based on our initial examination, despite these earlier reports, we have no indication that any sensitive government information was compromised. The privacy and security of information remains a top priority, and we will continue to work diligently to address any issues or concerns.”
The data is no longer available right now, but it’s still worrying that the company working with so sensitive details wasn’t quite receptive to reports of a breach, so when looking to boost security of our data, educating these subcontractors should be on top of the priority list.