Application security

Pentagon questions validity of data tweeted by the Islamic State Hacking Division

The Pentagon is investigating the release over more than 1,400 names, emails and passwords belonging to U.S. military, state and federal government personnel that was uploaded to Twitter on Tuesday by a group calling itself the Islamic State Hacking Division.

Pentagon spokesman Lt. Col. Jeffrey Pool told SCMagazine.com that the information released appears to be either old or incorrect.

“The passwords listed do not pass in any form our strength test,” Pool said, comparing them to a password the average person would quickly create in order to register online for an event.

In addition, Pool said the email addresses themselves do not conform to the format currently in use, but instead reflect an older configuration that has been out of use for several years.

Pool could not say how the group obtained the information, but said that since the list of names included many from outside the military that the Federal Bureau of Investigation (FBI) had taken over that aspect of the investigation.

Several Australian names were also included on the list.

While the Pentagon is taking the threat seriously, Pool said it has not increased its threat stance or asked its members for additional vigilance due to the data dump.

This is not the first time a pro-ISIS group has caused a problem for the Department of Defense. A group called CyberCaliphate compromised the U.S. Central Twitter and YouTube accounts in January and Cyber Command in May.

This incident is not associated with an attack last month on the Pentagon‘s unclassified email system that impacted 4,000 email accounts.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.