Wednesday, September 26, 2018
Military News

SOCom investigating claim that consultant gained entry to health care data

U.S. Special Operations Command is investigating a claim by a cybersecurity consultant that he was able to breach a database containing the personal information of hundreds of health care workers who treat commandos and their families.

The investigation was confirmed by Ken McGraw, a spokesman for SOCom, the command based at MacDill Air Force Base that helps guide the work of the military's commandos. Consultant Chris Vickery told the Tampa Bay Times he gained entry into the database of a Virginia company that provides health care workers for a SoCom program called Preservation of Force and Family.

The files he acquired do not appear to contain health care information about commandos, Vickery said. It is unknown whether anyone outside the company other than him had accessed the data, he said.

The information contains names, Social Security numbers, home and work addresses, email addresses, phone numbers, resumes and security clearances for employees with Potomac Healthcare Solutions.

It also includes the company's jobsite locations around the United States as well as in Japan, Ireland and other foreign lands. As part of the program, the health care workers travel to locations where commandos are based.

Potomac Healthcare Solutions is a subcontractor with Booz Allen Hamilton, which in 2013 won a contract worth up to $475 million to run the Preservation of the Force and Family program. The SOCom program provides mental, physical and spiritual care to commandos with the Navy SEALs, Army Green Berets and Rangers, Delta Force members and Air Force and Marine commandos, according to the Potomac website. Families also are covered.

The program is aimed at "decreasing the rate of physical and emotional injuries from all causes, and significantly accelerating return to duty times," the website says.

Many of the employees in the database hold the highest federal security clearance, said Vickery, who still has the data.

Potomac officials said in a statement to the Times on Monday that they are aware of Vickery's claim. They said internal and external reviews have turned up no sign yet that any sensitive information was compromised.

"The privacy and security of information remains a top priority, and we will continue to work diligently to address any issues or concerns," Potomac said.

Vickery said he found the data by using a search engine that sweeps the so-called Internet of Things, a networking of devices connected to the Internet including security cameras, refrigerators and even light bulbs.

Vickery is the recipient of the 2016 Data Detective Award from Patient Privacy Rights and Harvard University's Data Privacy Lab. He said he has helped in investigations conducted by the Federal Trade Commission, FBI, Texas Attorney General's Office, Secret Service and the state of Kansas.

He gained entry to the Potomac data during a Christmas Day search but did not realize until the next day what he had found, he said. On Sunday, Vickery posted redacted copies of some of the data on his blog at MacKeeper, an Internet security firm. The blog item was first reported by ZDNet, an Internet technology website.

"We take any allegation of a data breach very seriously, including those from our subcontractors," said James Fisher, a Booz Allen Hamilton spokesman, in an email message to the Times. "We are looking into this alleged event."

Aside from health care workers' personal information, Vickery was able to obtain a list of hundreds of millions of dollars in future contracts Potomac is seeking, as well as a number of password-protected financial databases he said he does not want to try breaching.

On his blog post, Vickery said he had difficulty persuading Potomac officials to take his breach seriously. He said that as of Monday afternoon, no one from SOCom had contacted him.

"It's not hard to imagine a Hollywood plot line in which a situation like this results in someone being kidnapped or blackmailed for information," Vickery wrote in his blog. "Let's hope that I was the only outsider to come across this gem. Let's really hope that no hostile entities found it. Loose backups sink ships."

Contact Howard Altman at [email protected] or (813) 225-3112. Follow @haltman

Comments
Sunk by torpedo a century ago, USS Tampa left a legacy of protection

Sunk by torpedo a century ago, USS Tampa left a legacy of protection

As dusk was settling in over the Irish sea, a German submarine spotted a lone ship steaming toward England’s Bristol Channel. The U-boat dived to attack. About half an hour later, it fired a single torpedo. In his battle notes, the commander,...
Published: 09/20/18
Updated: 09/22/18
Howard Altman: Tampa World War II veteran turning 100 recalls guarding prisoners then celebs

Howard Altman: Tampa World War II veteran turning 100 recalls guarding prisoners then celebs

Frank Sorbera was a band boy for the Russ Morgan Orchestra, lugging equipment and driving vehicles, all the while hoping to one day join the big band outfit as a singer.But it was 1944, World War II was grinding on and Uncle Sam had other plans for t...
Published: 09/13/18
Updated: 09/14/18
Saved by a hunk of marble, Trinity man recalls harrowing escape from World Trade Center

Saved by a hunk of marble, Trinity man recalls harrowing escape from World Trade Center

TAMPA — Shortly before 9 a.m. on a beautiful morning 17 years ago, Greg Amira was making his way up to his office on the 73rd floor in the south tower of the World Trade Center.He felt the building shake."I assumed Building No. 1 was hit," Amira said...
Published: 09/11/18
Updated: 09/12/18
Experts say it’s likely Cuba embassy workers were sickened by ‘directed energy’ weapons

Experts say it’s likely Cuba embassy workers were sickened by ‘directed energy’ weapons

There is a "high probability" that U.S. embassy workers sickened in Cuba in late 2016 were attacked by a "directed energy" weapon, a biochemistry expert told officials from U.S. Special Operations Command and its Ybor City-based incubator partner Sof...
Updated one month ago
World War II nurse, turning 100 in Tampa, recalls the pain of invisible wounds

World War II nurse, turning 100 in Tampa, recalls the pain of invisible wounds

TAMPA — During her time as an Army nurse in World War II, treating the wounded in North Africa, Normandy and the Ardennes Forest, Martha Cameron proved to be a pioneer in more ways than one.One of the first women to land in France after D-day, part o...
Updated one month ago
SOCom is asking to see all kinds of drones, some for delivering blood to the battlefield

SOCom is asking to see all kinds of drones, some for delivering blood to the battlefield

On a far-flung battlefield, 100 miles from the nearest treatment center, a Navy corpsman signals for a small drone to bring life-saving blood to a wounded commando.Meanwhile, a tiny drone shaped like a bug spies on enemy leaders. Another small drone ...
Updated one month ago
Howard Altman: Carrollwood veteran gets hero’s welcome retrieving dog tags from Normandy

Howard Altman: Carrollwood veteran gets hero’s welcome retrieving dog tags from Normandy

Nearly 75 years after first coming ashore in France as a young Army soldier, Boris Stern returned this summer to offer thanks to those who helped return his long-lost dog tag.He arrived to a hero’s welcome."I’ve been all over the world," said Stern, ...
Updated one month ago