Veterans and active duty members near separation from the service including intelligence personnel who were seeking employment had their personal information including their resumes left unsecured and available for public consumption. Thousands of files were in the open until being discovered earlier this year.
TigerSwan, a North Carolina-based private security firm had files dating back to 2009 on job applications left unsecured for anyone making an open source search. TigerSwan on Saturday blamed TalentPen, a third-party recruitment company, who they said worked for them during the time period.
The files, largely resumes, mostly came from members of the military, but also included intelligence veterans, a police chief, and a United Nations worker in the Middle East. The files included personal contact information, such as addresses, phone numbers and private email addresses.
In February, when TigerSwan canceled its contract with TalentPen, TigerSwan claims the recruiter used Amazon cloud services to transfer the resumes it had amassed to TigerSwan.
TigerSwan said that transfer was conducted using high-end encryption and TalentPen was supposed to immediately delete the files. But the files remained on the site and due to an apparent security setting misconfiguration, those files were not encrypted.
TigerSwan said it wasn’t aware of the problem until August 31 and believes that a former recruiter for TalentPen had left the files on-line. TalentPen has dissolved but a former account manager said that there was still activity on their account.
Any veterans who have applied for any positions thru TigerSwan should contact the company and check to see if their records have indeed been compromised.
To read the entire article from The Hill, click here:
Photo courtesy Wikipedia