Five spreadsheet files with personal data on approximately 28,000 sailors and family members were found on an open Web site, the U.S. Navy announced June 23.
The personal data included the name, birth date and social security number on several Navy members and dependents. The Navy said it was notified on June 22 of the breach and is working to identify and notify the individuals affected.
"There is no evidence that any of the data has been used illegally. However, individuals are encouraged to carefully monitor their bank accounts, credit card accounts and other financial transactions," the Navy said in a statement.
It said individuals affected by the breach will be contacted soon to ensure they have information on how to guard against identity theft. Information on how to watch for suspicious activity on personal accounts has been posted on the NPC (Navy Personnel Command) Web site.
The files have been removed from the site, and Navys chief of personnel is working with the law enforcement to determine how and when the files were placed on the Web and prevent future release of information of this type, the statement said.
The U.S. Navy becomes the third government department to confirm data loss through computer theft or server compromise. Earlier this week, the Agriculture department said about 26,000 of its employees and contractors could be at risk of identity theft after a hacker broke into its computer system.
A laptop stolen from a government employee in Maryland in May also exposed personal data on about 26.5 million veterans and current military troops.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.