The U.S. Air Force is notifying more than 33,000 airmen of a security breach in an online system containing their personal information.
An attacker used a legitimate user’s login information to access and/or download sensitive data from the online Assignment Management System (AMS).
Used for assignment preferences and career management, AMS contains some personal information such as birth dates and Social Security numbers of officers and enlisted members.
According to Lt. Col. John Clarke, Air Force Personnel Center deputy director of personnel data systems, the attacker accessed about half of the officer force’s individual information. Only a handful on noncommissioned officers were affected.
Air Force Personnel Center officials alerted Air Force and federal investigators of unusally high activity on a single user’s account, prompting the breach notifications.
Maj. Gen. Tony Przybyslawski, AFPC commander, said in a statement that airmen were notified as quickly as possible.
“We notified the individuals involved outlining what happened and how they can best insulate themselves from this potential risk,” he said. “We’ve taken steps to increase our system security. We’re working with the Air Force agencies to identify vulnerabilities. We must keep our data protected.”