Establishing Digital Trust: Don't Sacrifice Security for Convenience
Stars and Stripes reports that the personal information of more than 16,000 South Korean employees, former employees and job applicants may have been stolen from U.S. Forces Korea's human resources recruiting system (h/t Computerworld).
On May 28, 2014, USFK learned of the possible breach of a Civilian Human Resources Agency Far East Web server that held two databases of information on employees and job applicants.
Data potentially exposed includes names, identification numbers, email addresses, mailing addresses, phone numbers, education and work experience.
"USFK aggressively and diligently identified potentially impacted individuals, and has taken measures to notify them immediately," USFK said in a statement. "USFK remains confident in our network surveillance and protection system and will continue to vigilantly protect our networks and information."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The breach has been reported to the South Korean government, and the Army's Criminal Investigation Command's computer crimes unit is investigating the incident.
All those affected are being notified by mail, and are being offered free access to credit monitoring services.
"We take this compromise very seriously and are reviewing our current policies and practices with a view of determining what must be changed to preclude a similar occurrence in the future," Philip F. DeMarais, director of the Civilian Human Resources Agency, wrote in the notification letter [PDF].