NELLIS AIR FORCE BASE, Nev. — Terrorists, identity thieves and hackers are focused on stealing information, especially from military members.
This is why the Air Force is so determined to protect it.
“People are out there looking to use other people’s Personal Identifying Information for their own benefit with no regards to how it will affect the victim,” said Susan Cunningham, 99th Communication Squadron Freedom of Information Act manager.
PII is any information that is specific to a person such as name, age, Social Security number, and phone number.
“PII is what you own personally,” said Valerie Bufano, 99th CS base records manager. “You own your birthday, your name and your gender.”
Whether intentional or accidental, the release of PII can cause serious problems and even put Airmen, their families and the Air Force at risk.
“Any portion of your Social Security Number can be used to steal your identity,” Cunningham said. “The bad guys don’t care who they are hurting, even infants can be targets of identity theft.”
Most incidents involving PII are careless mistakes that could cause serious damage in the wrong hands.
“Once information is out there, it’s out there for good,” Bufano said.
This is why operational security is so important and ensuring steps are taken to protect this information.
“We have access to information [that] bad guys want,” said Maj. Lara Riley, 99th Air Base Wing installation OPSEC manager. “Our [Non-Secure Internet Protocol Router Network] systems are not invulnerable. Modern day technology makes it easier than ever for people to steal information.”
“Recall and social rosters are commonly mishandled,” Cunningham said. “[That kind of] personal information is important.” They are constantly emailed without being encrypted or stored on the share drive.”
According to Air Force Instruction 33-332, Disclosing Records to Third Parties, no one should put PII such as Recall Rosters on share drives or send them through unencrypted emails such as a personal email address.
The Privacy Act of 1974 states people should safeguard records, keep them the minimum time required, and dispose of them according to disposition instructions.
“The best way to prevent an incident is to think [OPSEC] on a daily basis,” Riley said. “Nobody can force you to release your PII.”
Protecting this information is everyone’s responsibility.
“It’s in the AFI, everybody has the responsibility whether you’re active duty, a contractor or a civilian, we all have that same obligation to protect PII,” Cunningham said.
For questions about PII or to report a breach, call the 99th CS Privacy Act office at (702) 652-9821.