Air Force investigates data breach

Computerworld - The U.S. Air Force is notifying more than 33,000 officers that their personal data has been breached by a malicious hacker, the Air Force said today.
The hacker used a legitimate user's ID and password to access personal information on the officers contained in the Assignment Management System (AMS), an online program used for assignment preferences and career management, the Air Force said. That data included career information, birth dates and Social Security numbers.
Lt. Col. Michele Dewerth, a spokeswoman for the Air Force Personnel Center (AFPC) at Randolph Air Force Base in Texas, said there has been no evidence of identify theft.
A systems operator at the air base discovered the breach sometime between May and June, Dewerth said. She declined to be more specific because of the ongoing investigation.
"Immediately upon discovery we put more security measures in place," she said.
The personnel center also notified Air Force and federal investigators that there was unusually high activity on a single user's AMS account in June, according to the statement.
"We notified airmen as quickly as we could while still following criminal investigation procedures with the [Air Force's Office of Special Investigations]," said Maj. Gen. Tony Przybyslawski , AFPC commander. "Protecting airmen's personal information is something we take very seriously, and we are doing everything we can to catch and prosecute those responsible under the law."
The breach involved data on half of the force's approximately 70,000 officers. It also affected fewer than 20 enlisted personnel, the Air Force said.

Read more about security in Computerworld's Security Knowledge Center.