MoD admits secrets have leaked on social-networking sites
By Barry Collins
Posted on 25 Jan 2010 at 11:23
The Ministry of Defence has admitted that confidential information has leaked onto social-networking sites and the internet 16 times in the past 18 months.
The MoD also revealed that ten staff have been disciplined for "misuse of social media" in the past year and a half.
The information came to light after Lewis PR - which counts security firm F-Secure among its clients - sent a Freedom of Information request to the MoD.
It's worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means
The MoD's reply doesn't reveal the nature of the information that has been leaked onto the internet, nor detail the action taken against its staff.
The Ministry also refused to confirm whether any of the data leaks had led to its computer networks being compromised, claiming "it is not in the interest of the security of the MoD, or that of the public, to disclose detailed information pertaining to electronic breaches of security of the MoD's database or ICT systems".
It also adds that: "The Ministry Of Defence’s main networks do not permit access to internet-based social networking sites (including Facebook and Twitter), and this block has been in place for some years."
Nevertheless, it concedes that a "very small" proportion of MoD computers "dedicated for business use, outside of our major networks" do connect directly to the internet and do grant access to sites such as Facebook and Twitter.
Lowering their guard
F-Secure's chief research officer Miko Hypponen claims recent changes to Facebook's privacy settings make it even easier for leaks to occur. "It's amazing how many people drop their guard when they use social networking sites like Facebook and Twitter," Hypponen says.
"They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook's privacy settings might make them disclose information to the world. This is a potential security risk.
"It's worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means," he adds. "Loose Tweets can cost lives. In the future, The Ministry of Defence must do more to ensure their guidelines on internet use are adhered to."
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- How to write your company's IT security policy
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords