The U.S. Army on Friday confirmed that a hard drive was either stolen or lost from the Army Corp of Engineers’ Southwestern Division in Dallas, exposing the names and Social Security numbers of more than 60,000 soldiers and civilian personnel.
Most of the data files were from soldiers who went before the 2008 sergeant first class and 2008 master sergeant promotion boards, the Army Corps of Engineers said in a statement. Other soldiers affected included those were considered for colonel promotion in 2007 and lieutenant colonel promotion in 2009.
“Right now the focus is on investigating [the incident], alerting people who may be affected and taking measures to make sure it doesn’t happen again,” Maj. Mark Young of the Corps of Engineers told the Army Times.
The Army is in the process of notifying all 60,000-plus individuals by e-mail that their personal data may have been compromised in the data breach.
“Those who may be impacted by this incident will be notified electronically through the Army Knowledge Online Web site, or by mail,” the Southwest Division said in a statement. Thus far, it added, there have been no known cases of identity theft associated with the lists stored on the wayward drive.
In 2008, another 30,812 soldiers who were considered by the 2008 sergeant first class board were notified that their data had been compromised when an unauthorized person accessed the database.
According to the nonprofit Open Security Foundation, there have been almost 400 major data breach incidents this year at major universities, military bases and private-sector corporations.
Earlier this year, the personal data contained in 6,675 files maintained by the Boston University Army ROTC battalion were compromised along with 130,000 solider files maintained by the Army National Guard.
According to a study conducted by the security research group the Ponemon Institute, more than 800,000 data-sensitive memory devices, including USB drives, hard drives and laptops, are either lost or stolen each year.