Thousands of Security Firm Job Applications Citing Top Secret US Government Work Exposed on Misconfigured Amazon Server
Dell Cameron reports:
Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year.
The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process its new job applicants.
“At no time was there ever a data breach of any TigerSwan server,” the firm said.
Read more on Gizmodo. Note that as of the time of this posting, Gizmodo had not been able to confirm or refute TigerSwan’s allegations that TalentPen was implicated.
Update: Zack Whittaker has subsequently reported on this incident and has updated details about how this occurred. Do read his coverage on ZDNet.