Spies created a fake Facebook account in the name of NATO's senior-most commander to steal his personal details.
Senior British military officers and Ministry of Defence officials are believed to have been among those who accepted "friend requests" from the bogus account for American Admiral James Stavridis, The Telegraph reports.
The security breach revealed a trove of personal information to spies, including names, personal email addresses, dates of birth, clues about their home address and personal and family pictures online.
NATO officials are reluctant to publicly blame anybody for the attack but in classified briefings, military officers and diplomats were told the evidence pointed to "state-sponsored individuals in China".
NATO has advised senior officers and officials, including Admiral Stirvis to open their own social networking pages to prevent a repeat of such incident.
Officials at SHAPE, the Supreme Headquarters Allied Powers Europe confirmed that its commander had been targeted but refused to comment on the origin of the security breach.
"This type of compromising attempts are called "Social Engeneering" and has nothing to do with hacking" or espionage. Discussions/chats/postings on Facebook are of course only about unclassified topics,” a SHAPE spokesperson said.
"There have been several fake supreme allied commander pages. The most important thing is for Facebook to get rid of them. First and foremost we want to make sure that the public is not being misinformed. Social media played a crucial role in the Libya campaign last year,” a NATO official added.
The so-called "spear fishing" exercise is the latest tactic in the wide- ranging use of the Internet to spy on key Western figures and to steal their secrets.
