The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials

Source Domain: www.wired.com

A data exposure at Dialog, the private events group cofounded by Peter Thiel, exposed personal information of multiple US national security personnel. These include an intelligence official on the National Security Council (NSC) and an active-duty intelligence officer supporting sensitive military operations, WIRED has learned. The Pentagon is now examining the matter.

Personal information about intelligence and military personnel is among the data most sought by foreign intelligence services, which use it to identify, surveil, and approach US operatives abroad and at home. For active-duty officers and the units they support, the exposure can add operational risks.

The White House asked WIRED to not name the NSC official on national security grounds but otherwise declined to comment about the exposure.

The Dialog exposure, which evidence shows was enabled by a misconfigured website, included the private information and login tokens of 222 Dialog event registrants, including current and former senior military and national security officials from the United States and its allies.

Among them are the NSC official, whose role includes advising President Donald Trump and the national security adviser on sensitive intelligence programs, and a person identified in the records as an active-duty intelligence officer embedded with a “Tier 1” special operations unit.

According to the records, neither has a prior history with Dialog; both were invited and registered as new participants for the group’s retreat this August outside Dublin, Ireland.

Dialog has internally characterized the exposure as a “cyberattack,” but WIRED found that the files appear to have been exposed because of a misconfiguration in the group’s own website. Anyone could create an account with an email address, log in, and access the files simply by loading a landing page for the group’s app. The discovery began with a tip first received by a Swiss DJ and cybersecurity researcher, maia arson…

Source