Sensitive U.S. military emails were exposed because of a simple DoD cloud server error.
(Photo : Photo by FADEL SENNA/AFP via Getty Images)
A member of the Moroccan Royal Armed Forces looks on as US army AH-64 Apache attack helicopters fly over during the second annual "African Lion" military exercise in the Tan-Tan region in southwestern Morocco on June 30, 2022.
These sensitive, but unclassified emails were left open to the public for the past two weeks.
Thankfully, the U.S. Department of Defense was able to fix the issue on Monday, Feb. 20.
"We can confirm at this point is no one hacked U.S. Special Operations Command's information systems," said Ken McGraw, the USSOCOM spokesperson.
US Military Emails Exposed Due to Simple Error in DoD Server
According to TechCrunch's latest report, a good-faith cybersecurity expert reached out to them regarding the issue with a DoD cloud server.
(Photo : Photo by Adam Berry/Getty Images)
A participant looks at lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.
Also Read: Taiwan Military Discovers Suspected Chinese-made Weather Balloon Crashed Near Coastline
Anurag Sen told the publishing company that a Department of Defense email server, which is hosted on Microsoft's Azure government cloud, was left exposed for weeks.
This DoD server is part of an internal mailbox system, which stores around three terabytes of internal U.S. defense-related emails.
Most of the data stored are from the U.S. Special Operations Command (USSOCOM). However, these emails were exposed to the internet because of a misconfiguration.
This issue left the DoD cloud server without a password.
What US Military Emails Were Exposed?
Although the U.S. military emails recently exposed were unclassified, most of them still contain very sensitive information.
Some of these emails even dated back many years ago. Among the exposed emails is a completed SF-86 questionnaire.
This file is the one filled out by federal employees who are seeking a security clearance. This means that the email contains private details, such as health information for vetting individuals.
But, as explained by the USSOCOM spokesperson, no data was hacked when the DoD server was left with no password.
If you want to learn more details about the recently exposed DoD cloud server, just click here.
In other news, a new crypto malware was discovered targeting cryptocurrency investors in the United States and the United Kingdom.
Meanwhile, Eurostar customers were advised to reset passwords after a security loop issue was identified.
For more news updates about cybersecurity threats, always keep your tabs open here at TechTimes.
Related Article: North Korea's APT37 Hacker Group Deploys New Malware Against Phones, Windows PC to Access Files
