Washington, D.C. -- Today, the Department of the Navy made public a massive security breach of the personal data of 28,000 Navy sailors and their families.  Rep. Ed Markey, the Co-Chair of the Congressional Privacy Caucus, sent a letter to Defense Secretary Rumsfeld to ask for a detailed explanation of how this could occur, what notification was in place to alert families, and why a letter on this very subject written by Markey last year went unanswered.  Markey also called on free credit monitoring to be offered to the sailors and their families immediately.  A copy of the letter can be found here: Letter to Rumsfeld1.pdf

Rep. Markey said today, "The Government used to warn Sailors that 'Loose Lips Sink Ships,’ but today's revelations remind us that 'Loose Links' can sink privacy protections for our military personnel too.  The Defense Department needs to immediately close the breach, answer important questions for those Navy families, and provide them with free credit monitoring immediately."

The following is a release from the Department of the Navy:

Navy Personal Data Found on Web site

(Washington) - Personal data on approximately 28,000 Navy Sailors and family members was discovered on a civilian web site this week, and the Chief of Naval Personnel is working to identify those individuals affected to notify them individually. The Navy Personnel Command call center in Millington will be manned for Sailors to call and see if their personal data was on the list. The number is 1-866 U ASK NPC (1-866-827-5672).  

The Chief of Naval Personnel was notified Thursday that an open web site contained five spreadsheet files with personal information, including the name, birth date and social security number on several Navy members and dependents.  

Individuals affected by this will be contacted soon by the Navy to ensure they have information on how to guard against identity theft.  In addition, information on how to watch for suspicious activity on personal accounts is posted on the NPC web site - www.npc.navy.mil <http://www.npc.navy.mil>.  

The initial discovery was reported to the Navy Cyber Defense Operations Command, part of the Naval Network Warfare Command, by Joint Task Force Global Network Operations, a component of US Strategic Command  responsible for directing the operation and defense of the DoD’s global information grid.  

The files have been removed from the site, and the Chief of Naval Personnel is working with Naval Network Warfare Command, Naval Criminal Investigative Service and other commands to determine how and when the files were placed on the Web and prevent future release of information of this type.

There is no evidence that any of the data has been used illegally.  However, individuals are encouraged to carefully monitor their bank accounts, credit card accounts and other financial transactions.

June 23, 2006

CONTACT: Israel Klein