You need to login to view this link
In what seems like a mind-boggling mishandling of America’s most sensitive national security information, the soldiers accidentally revealed “not just the bases” where the nukes were stored but, in two cases, also “the exact shelters with ‘hot’ vaults that likely contain nuclear weapons,” writes Foeke Postma, a researcher with the OSINT-focused investigative team Bellingcat. They also revealed a whole bunch of other data, from information about secret codes, passwords, and local security layouts.
Amazingly, the troops used common study apps like Chegg, Cram, and Quizlet to store really sensitive data about European nuke bases and then seemingly forgot to change the apps’ settings from public to private, Postma’s research suggests. Some of the same soldiers also apparently left their usernames public-facing, which “included the full names of the individuals who created them,” while also using the same photos they had stored on their LinkedIn profiles—making them easy to track down.
Postma claims he was able to ascertain much of this information merely by Googling official terms and acronyms associated with the U.S. nuclear weapons program. When he did, he found a public-facing set of 70 flashcards entitled “Study!” that revealed information related to the apparent nuclear inventory at Volkel Air Base in the Netherlands (a long-rumored locale of a U.S. nuke stockpile). More horrifyingly, Postma claims that subsequent open-source searches discovered more flashcard caches, which collectively revealed “details of vaults at all the other bases in Europe that reportedly host nuclear weapons.”
Some flashcards detailed the number of security cameras and their positions at various bases, information on sensors and radar systems, the unique identifiers of restricted area badges (RAB) for Incirlik, Volkel, and Aviano as well as secret duress words and the type of equipment carried by response forces protecting bases.
“The scale to which soldiers have uploaded and inadvertently shared security details represents a massive operational security failure,” said Postma. “Due to the potential implications around public safety, Bellingcat contacted NATO, US European Command (EUCOM), the US Department of Defence (DoD), and the Dutch Ministry of Defence (MoD) four weeks in advance of this publication.” Since then, the flashcards associated with these leaks have been taken down, Postma writes, although Motherboard reports that some remain available on the Wayback Machine.