US Air Force investigates data breach

The US Air Force is notifying more than 33,000 officers that their personal data has been breached by a malicious hacker, the Air Force said Friday. The hacker used a legitimate user's ID and password to access personal information on the officers contained in the Assignment Management System (AMS), an online program used for assignment preferences and career management, the Air Force said. That data included career information, birth dates and Social Security numbers.

Lt. Col. Michele Dewerth, a spokeswoman for the Air Force Personnel Center (AFPC) at Randolph Air Force Base in Texas, said there has been no evidence of identify theft.

A systems operator at the air base discovered the breach sometime between May and June, Dewerth said. She declined to be more specific because of the ongoing investigation.

"Immediately upon discovery we put more security measures in place," she said.

The personnel center also notified Air Force and federal investigators that there was unusually high activity on a single user's AMS account in June, according to the statement.

"We notified airmen as quickly as we could while still following criminal investigation procedures with the [Air Force's Office of Special Investigations]," said Maj. Gen. Tony Przybyslawski , AFPC commander. "Protecting airmen's personal information is something we take very seriously, and we are doing everything we can to catch and prosecute those responsible under the law."

The breach involved data on half of the force's approximately 70,000 officers. It also affected fewer than 20 enlisted personnel, the Air Force said.

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Audit Management Solutions

Manage the complete audit lifecycle from audit universe identification and risk assessment to management/board reporting and quality assurance.

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »