Pentagon data leak publishes valor medal winners’ SSNs

A data security incident at the Pentagon published the SSNs of Army valor medal winners.

A data security incident at the Pentagon compromised the personal information of the 31 Medal of Honor and Distinguished Service Cross recipients, according to Los Angeles Times columnist David Zucchino. The issue was uncovered by Doug Sterner, a Bronze Star winner, who found a list of winners and their Social Security numbers posted online. The Pentagon removed the information after being notified of the incident.

Although it is not clear how long the SSNs were available, Sterner said they seemed to have been viewable for a significant amount of time. Justin Platt, a Pentagon spokesperson said the data has been available for less than a year, according to the LA Times. Rather than being the result of a cyber criminal hoping to get back at the government, the incident appears to have been caused by a mishap from a Pentagon contractor working on a list of medal winners.

“Sterner has criticized the Pentagon for failing to provide a centralized, comprehensive listing of winners of major valor awards,” Zucchino wrote. “In July, the Pentagon began publishing a website, valor.defense.gov, that lists the names, ranks and wars of Medal of Honor, Distinguished Service Cross and Silver Star recipients since Sept. 11.”

According to the Times, Sterner said that researching and storing that kind of information was unnecessary anyway. He used his own website as an example, which focuses more on describing the winners’ heroic efforts.

The incident has also raised additional criticism from Congress, which recently requested more information about the selection process for award winners. According to Army Times columnist Joe Gould, California Senator Duncan Hunter has expressed frustration over the fact that the Army refused to provide a comprehensive list of medal winners.

“We think that there are more people who are deserving of the Medal of Honor, but trying to work with the Army’s awards branch to learn who these individuals are, we’re told this information isn’t available,” Joe Kasper, deputy chief of staff for Hunter, told Army Times.

Should the U.S. government exercise more control over its contractors? Should a list of valor medal winners be publicly available? Let us know what you think!

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.