The Patriot Files Forums  

Go Back   The Patriot Files Forums > Warfare > Cyber

Post New Thread  Reply
Thread Tools Display Modes
Old 02-24-2020, 05:28 AM
Boats's Avatar
Boats Boats is offline
Senior Member

Join Date: Jul 2002
Location: Chicago, IL
Posts: 14,776
Default Once More Unto the Breach: DoD Data Disclosed in DISA Breach

Once More Unto the Breach: DoD Data Disclosed in DISA Breach
By: Steven Matthew Leonard - 02-24-20

ďIt takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.Ē
― Stephane Nappo

ďThis letter is to notify you of a potential compromise of your Personally Identifiable Information (PII). During the May to July 2019 timeframe, some of your personal information, including your social security number, may have been compromised in a data breachÖĒ

Like a couple of hundred thousand others, my standard form letter from the Defense Information Systems Agency (DISA) arrived last week, notifying me that once again, my personal information had been compromised in yet another data breach. As I read the letter, I wasnít even mad. I just sighed. Itís not even worth wasting the energy on anger. Itís happened before. It will happen again.

I was among the 21 million people exposed in the 2015 Office of Personnel Management breach, so this was nothing new. Like many others, I now enjoy identity monitoring services for at least the next five years, and probably longer with this latest breach. At some point, Iím guessing it will be mine for life, since I donít see a time when this will stop occurring. Maybe in the future, identity monitoring services will be issued to new government employees, handed out like uniforms and boots in basic training. Despite the best efforts of the faceless bureaucrats in the Government Accounting Office, that seems to be the direction weíre heading.

No, Iím not angry. Iím not even surprised. Maybe a little disappointed. The form letter from DISA was the typical tripe you receive in these incidents, with no useful information and even less transparency. For once, Iíd like to receive a letter that actually explained what happened. In this case, the breach occurred months ago, plenty of time for DISA to identify the cause of the breach and offer some sort of explanation. It seems the least they could do, considering that 200,000 of us now need to be concerned that our personal data is, once again, on the loose. Was it Jeff and Tina, upset over being denied immortality in annual information assurance training? Was it Karen, leaking our data after being ridiculed with impunity on social media? Or was it Carl, tired of being told to shut up? We may one day know the answer, but we wonít hear it from DISA.

Instead, we hear the empty apologies: ďWe deeply regret any inconvenience the potential data breach may cause you.Ē Not to put too fine a point on the issue, but the only regret anyone feels comes from being forced to admit the breach. No one really cares if youíve been inconvenienced. No one is all that concerned about your personal data being compromised. The only thing that really matters is having to explain another entirely avoidable breach. Weíre collateral damage. Unfortunate, but really not all that important.

No, Iím not angry. One day, the truth behind the breach will be exposed: someone who fell prey to a phishing email, someone who left a government laptop sitting in the passenger seat of a rental car, someone who just didnít do their job securing our information. But nothing will change. Eventually, youíll get an email notifying you that your credit card information has been hacked. Youíll get a letter informing you that your financial data has been leaked. Youíll get a phone call telling you that your social security number has been frozen (you can ignore this one). This is the new normal.

The last sentence of the DISA form letter includes an email address and an offer to answer any questions or requests for more information. While I have zero confidence that such an email would produce any answers, Iím tempted to try. Iíll keep my expectations low, pretty much at the same level I have for them securing my personal information.

Steve Leonard is a former senior military strategist and the creative force behind the defense microblog, Doctrine Man!!. A career writer and speaker with a passion for developing and mentoring the next generation of thought leaders, he is a senior fellow at the Modern War Institute; the co-founder of the national security blog, Divergent Options, and the podcast, The Smell of Victory; co-founder and board member of the Military Writers Guild; and a member of the editorial review board of the Arthur D. Simons Centerís Interagency Journal. He is the author of five books, numerous professional articles, countless blog posts, and is a prolific military cartoonist.

O Almighty Lord God, who neither slumberest nor sleepest; Protect and assist, we beseech thee, all those who at home or abroad, by land, by sea, or in the air, are serving this country, that they, being armed with thy defence, may be preserved evermore in all perils; and being filled with wisdom and girded with strength, may do their duty to thy honour and glory; through Jesus Christ our Lord. Amen.

sendpm.gif Reply With Quote
Sponsored Links

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

All times are GMT -7. The time now is 09:29 AM.

Powered by vBulletin, Jelsoft Enterprises Ltd.