The U.S. Department of Defense has notified tens of thousands of individuals that their personal information was compromised in last year's email data breach.
According to a breach notification letter sent to affected individuals on February 1st, the Defense Intelligence Agency, the Pentagon's military intelligence agency, said that between February 3rd and February 20th, the A number of email messages were accidentally published on the Internet.” , 2023.
TechCrunch has learned that this breach disclosure document relates to an insecure US government cloud email server that was leaking sensitive emails to the open internet. The cloud email server, hosted on Microsoft's cloud for government customers, was accessible from the Internet without a password, likely due to a misconfiguration.
DOD has sent breach notification letters to approximately 20,600 people whose information was affected.
“As a matter of practice and operational security, we do not comment on the status of our networks and systems. The affected servers were identified and removed from public access on February 20, 2023, and the vendor responsible for the exposure “DOD continues to work with service providers to improve the prevention and detection of cyber events. Notification of affected individuals is ongoing,” said Department of Defense spokesperson Cdr. Stated. Tim Gorman said in his email to TechCrunch:
DefenseScoop first reported the news of the infringement notification letter.
TechCrunch exclusively revealed in February 2023 that the Pentagon had leaked approximately 3 terabytes of internal military emails, some of which were related to the U.S. Special Operations Command (SOCOM), which conducts special military operations overseas. reported. The leaked information included highly confidential personnel information and questionnaires submitted by candidates for federal employment seeking confidential information.
Anyone with the public IP address of an exposed cloud email server could potentially access your internal sensitive but unclassified email using just a web browser.
Security researcher Anurag Sen discovered the exposed data leaked online and asked TechCrunch for help in reporting the data exposure to the US government. TechCrunch reported the breach to SOCOM on February 19th. The cloud email server was secured on February 20th after TechCrunch escalated the incident to US government officials due to lack of response.
It is not clear why it took the Pentagon a year to investigate the incident and notify those affected.
A Microsoft spokesperson did not respond to a request for comment.