Classified of the Pentagon that have leaked data in the cloud

Getty Images

Classified Pentagon database was mistakenly left exposed in a public assurance of cloud server, cyber security, researchers have discovered.

The 100 GB of data from a failed joint intelligence-sharing program run by the U.S. Army and the National Security Agency in 2013.

The information was left in a listed public but Amazon Web Services storage server.

It is likely that it has been made accessible to any person in the internet for years.

The exposed data was discovered by cyber-security company UpGuard the 27 of September.

Virtual disk snapshot of a hard disk of the computer is located in the Amazon Web Services S3 cloud storage account configured for public access.

The hard drive had been part of an error in the cloud-based intelligence-sharing platform developed by Inscom, the u.s. Army’s Intelligence and Security Command, in May of 2013. Confidential data leaked

The files include sensitive information about the US Department of Defense the field of battle-the intelligence system, its cloud-based intelligence-gathering platform, Red Disk, and a virtual drive for transmit and receive classified data.

The files also contain private keys and password hashes, which could be used to access other internal systems in the Pentagon, if the passwords are valid and the hash is broken.

“Put simply, the digital tools necessary to access networks that are based on the multiple Pentagon intelligence agencies for the dissemination of information should not be available to either enter a URL in a web browser,” UpGuard of cyber-resilience analyst, Dan O Sullivan, wrote in a blog post.

“Unfortunately, this cloud leak was entirely avoidable, the probability that the result of errors in the process within an IT environment that lacked the necessary procedures to ensure something as shocking as a repository of data that contain classified information will not be left at the disposal of the public.”

The information has been secured.

The NSA refers to all requests from the media to Inscom, which has been contacted by the BBC for comment.