Data Leak Exposes Thousands of US Defense Contractor Staff

A digital consultancy has accidentally leaked the personal details of thousands of US defense contractor employees after yet another misconfiguration of cloud infrastructure, it has emerged.

Washington DC-based IMGE accidentally exposed the names, phone numbers, home and email addresses of more than 6000 Boeing staff, according to The Daily Beast.

The trove featured government relations staff and senior executives, including one who apparently worked at the contractor’s advanced prototyping unit on highly sensitive technologies.

“This information was exposed as a result of human error by the website’s vendor,” a Boeing spokesperson told the news site. “Boeing takes cybersecurity and privacy seriously and we require our vendors to protect the data entrusted to them. We are closely monitoring the situation to ensure that the error is resolved quickly.”

The information itself is said to have been harvested by IMGE from a website called Watch US Fly, dedicated to “advancing and protecting American aerospace and manufacturing.”

That site requests that supporters leave their contact details for future campaigns and in order to direct their demands to fund Boeing projects to the right lawmakers, according to the report.

However, it is blocked in the UK so Infosecurity could not confirm these details.

It’s unclear how long the data was left exposed in the Amazon S3 bucket, although the Boeing employees were just a small fraction of the 50,000 individuals whose personal information was reportedly compromised by the snafu.

Chris DeRamus, CTO of DivvyCloud, explained that cloud misconfigurations like this are incre ..

Support the originator by clicking the read the rest link below.