A group claiming to be the “Islamic State Hacking Division” has published a list of names, addresses, and photos of some 100 US military personnel. It claims to have obtained this information from successful cyber-attacks on military servers and databases, although the Pentagon has denied that any of its systems have been breached.
While the information posted looks legitimate, the New York Times notes that it appears to have come from publicly available information found in social media, public records, and residential address searches. The NYT also quoted officials who said that the list of names appears to have been drawn up from personnel who appeared in news pieces about US military action against the Islamic State.
Even if IS did not breach any military networks, the fact that it could gather so much information about potential targets from a quick Google search reveals just how much information we share on a daily basis. This is not a new occurrence, but it is a potentially lethal new twist to the whole story. The listing was made public for “lone wolf” IS supporters to attack these individuals.
IS supporters have proven to be extremely adept at using social media to spread their agenda and recruit new fighters. It is not unusual to see the group post information about the terrorist group’s exploits on their Twitter and Facebook pages. Most social media companies take steps to take down the content, and more recently IS social media has also come under attack by hacktivist collective Anonymous.
Pentagon officials has advised its personnel to observe appropriate operational security, and it is uncertain if the list will lead to any new potential threats. On the other hand the accuracy of the information is questionable, as the posting includes the rank of some personnel but not others.