Thousands of Job Applicants Citing Top Secret US Government Work Exposed in Amazon Server Data Breach
Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year.
The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process its new job applicants.
“At no time was there ever a data breach of any TigerSwan server,” the firm said. “All resume files in TigerSwan’s possession are secure. We take seriously the failure of TalentPen to ensure the security of this information and regret any inconvenience or exposure our former recruiting vendor may have caused these applicants. TigerSwan is currently exploring all recourse and options available to us and those who submitted a resume.”
TalentPen could not be immediately reached for comment and Gizmodo could not independently confirm the company’s involvement. During conversations with Gizmodo, TigerSwan repeatedly refused to provide any documentation showing TalentPen was at fault.
Found on an insecure Amazon S3 bucket without the protection of a password, the cache of roughly 9,400 documents reveal extraordinary details about thousands of individuals who were formerly and may be currently employed by the US Department of Defense and within the US intelligence community.
Other documents reveal sensitive and personal details about Iraqi and Afghan nationals who have cooperated and worked alongside US military forces in their home countries, according to the security firm who discovered and reviewed the documents.
The files, unearthed this summer by a security analyst at the California-based cybersecurity firm UpGuard, were discovered in a folder labelled “Resumes” containing the curriculum vitae of thousands of US citizens holding Top Secret security clearances—a requirement for their jobs at the Central Intelligence Agency, the National Security Agency, and with the US Secret Service, among other government agencies.
Many of the files are timestamped and indicate that they were uploaded to the server in mid-February. Gizmodo has yet to confirm how long the information has been publicly accessible.
Founded in 2008 by former a Delta Force operative, retired US Army Lt. Colonel James Reese, TigerSwan has operated on behalf of the U.S. military and State Department in Iraq and Afghanistan, as well as domestically on behalf of corporations. The firm reportedly employs a staff of roughly 350 with offices across the Middle East, in North and West Africa, Latin America, and Japan.
Beyond its battlefield utility, TigerSwan International has provided construction and security services in Saudi Arabia, where the firm is licensed by the monarchy’s general investment authority; protection details for corporate sponsors and wealthy sports fans during 2014 Sochi Olympics in Russia; and more recently, TigerSwan aided US law enforcement tasked with countering protests around the construction of the Dakota Access pipeline.
Due to the number of resumes involved, the full impact of the breach has yet to be fully realized. Some of the applicants were apparently involved in very sensitive and highly-classified military operations. According to UpGuard, at least one of the applicants cited his involvement in the transportation of nuclear weapons components and activation codes. Another applicant referenced his employment at the infamous Abu Ghraib black site near Baghdad, where prisoners are known to have been tortured.
Other applicants, who provided their home address, as well as personal email accounts and phone numbers, have been employed—and may currently be employeed—within the US intelligence community for work on on top secret programs, according to UpGuard. A Gizmodo investigation into the potential consequences of the breach was interrupted on Saturday after TigerSwan went public with a statement on its website.
The repercussions for foreign nationals who applied to work at TigerSwan, and who currently live in conflict zones such as Iraq, has not yet been fully assessed.
This article will be updated as more information becomes available.
Kate Conger contributed additional reporting.
This article is reprinted by permission from