Ellen Nakashima reports:
Chinese hackers who breached Google’s servers several years ago gained access to a sensitive database with years’ worth of information about U.S. surveillance targets, according to current and former government officials.
The breach appears to have been aimed at unearthing the identities of Chinese intelligence operatives in the United States who may have been under surveillance by American law enforcement agencies.
Read more on Washington Post.
Now why the heck would you put that type of sensitive law enforcement style data on google servers?
Not only that, if you think about it, how did the Chinese know to search for that data within, if that was truly what they were after?
Its all about ease of access. No one wants to take the time to jump through hoops to keep data secure. There are tons of ways to keep hackers out. But if you want to mix sensitive data in with common data and expose the data – and yourself – to hackers, then you too are as guilty. If there is no due Diligence nor Due Care, then the same thing will happen again and again.