Personal data exposed on Navy Web site
The breach could affect all Navy and Marine Corps aviators who served in the past 20 years.
The Naval Safety Center (NSC) said July 7 it had discovered that personal information on more than 100,000 Navy and Marine Corps aviators and aircrew was accessible on its public Web site and has since removed the information from the site.
The Norfolk, Va.-based NSC said the personal information exposed on its Web site included Social Security numbers and pertained to current active-duty and reserve aviators and aircrew, and could affect every Navy and Marine aviator who has actively served in the past 20 years.
The same personal information was contained on 1,083 Web-enabled safety program disks mailed to Navy and Marine Corps commands, according to an NSC statement. The center’s Web site has been shut down since July 7.
This is the second time in as many weeks that a Navy unit has reported exposure of sensitive personal information on its personnel on a public Web site.
In late June the Navy Personnel Command (NPC) said it had discovered that personal data – including Social Security numbers and birthdates – on 28,000 service members and their family members had been published on a civilian Web site.
NSC said its commander, Rear Adm. George Mayer, ordered the personal information immediately removed from the Web site and said an investigation is under way to determine how it was inadvertently posted. The center said it is working to recall the 1,083 disks containing the same information.
NSC, established in 1951, provides safety information Navy-wide and analyzes and investigates aviation mishaps. It also works with afloat and ashore Navy units on safety issues and supports safe driving campaigns.
The service said it is working quickly to notify personnel affected by the data breach. NSC said it has no evidence that any of the personal data exposed on its Web site has been used illegally.
NPC is setting up a call center in Millington, Tenn., that will be open around the clock to assist affected personnel, NSC said. It should be available later this weekend at (866) 827-5672.
NPC has released little information about the exposure of personal information on sailors and their families on a civilian Web site since first reporting the incident June 23.
The command said Defense Department cyberwar task forces had discovered a civilian Web site that contained personal information on thousands of sailors and their families. It believes the information was related to personnel serving in areas affected by Hurricane Katrina last year.
NEXT STORY: Wright named acting US-VISIT deputy director