Data Breach Exposes RAF Staff To Blackmail 153
Yehuda writes "Wired reports, 'Yet another breach of sensitive, unencrypted data is making news in the United Kingdom. This time the breach puts Royal Air Force staff at serious risk of being targeted for blackmail by foreign intelligence services or others.
The breach involves audio recordings with high-ranking air force officers who were being interviewed in-depth for a security clearance. In the interviews, the officers disclosed information about extra-marital affairs, drug abuse, visits to prostitutes, medical conditions, criminal convictions and debt histories — information the military needed to determine their security risk.
The recordings were stored on three unencrypted hard drives that disappeared last year.'"
Re:Since the RAF already knows... (Score:1, Informative)
No. someone can blackmail them by threatening to go public. What it does though is make the staff involved a security risk to the RAF. After all, if they can be blackmailed, they can't be trusted any more.
Re:please explain (Score:5, Informative)
Drug using: As long as it isn't in the last year, it isn't an instant fail
Hooker-banging: Not a crime
Ex-cons: In the UK, the Rehabilitation of Offenders Act means that after a certain period of time a conviction can be considered "spent"
Re:Since the RAF already knows... (Score:2, Informative)
Actually the whole point about these interviews is to screen out people who are susceptible to blackmail. If you had an extra-marital affair and your wife doesn't know, then you either tell your wife or you don't get security clearance.
RIPA, DV and Protectively Marked assets (Score:2, Informative)
This has nothing to do with the Regulation of Investigatory Powers Act. If some ne'er-do-well has stolen the hard drive, RIPA is not going to entitle them to the key to decrypt it, nor does it make encrypting it in the first place illegal! CESG ( http://www.cesg.gov.uk/ [cesg.gov.uk] ) assesses a wide variety of cryptographic products as to their suitability for handling protectiveloy marked information, and some of these are restricted to HMG use only!
The paper forms for Developed Vetting themselves are marked "RESTRICTED STAFF (when completed)". See http://www.cabinetoffice.gov.uk/spf/faqs.aspx [cabinetoffice.gov.uk] for information about protectively marked assets, and the DV forms themselves at http://www.hmgcc.gov.uk/clearance.aspx [hmgcc.gov.uk].