Topics
up-to-the-minute
AI
Amazon
Image Credits:MirageC / Getty Images
Apps
Biotech & Health
Climate
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fundraise
Gadgets
gage
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
privateness
Robotics
Security
societal
Space
inauguration
TikTok
Transportation
Venture
More from TechCrunch
event
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
The U.S. Department of Defense is apprise tens of one thousand of individuals that their personal entropy was exposed in an email information tumble last year .
accord to the rupture notice letter of the alphabet get off out to impact individuals on February 1 , the Defense Intelligence Agency — the DOD ’s military intelligence operation delegacy — said , “ numerous e-mail substance were unwittingly exposed to the cyberspace by a service supplier , ” between February 3 and February 20 , 2023 .
TechCrunch has learned that the breach disclosure missive relate toan unbarred U.S. government swarm e-mail waiter that was spilling sensible email to the loose internet . The cloud electronic mail host , hosted on Microsoft ’s cloud for government customers , was accessible from the cyberspace without a password , likely due to a misconfiguration .
The DOD is ship breach notification letters to around 20,600 individuals whose selective information was affected .
“ As a matter of practice and operations security , we do not annotate on the condition of our web and systems . The affected server was identified and hit from public access on February 20 , 2023 , and the seller has dissolve the issues that resulted in the picture . DOD continues to occupy with the table service supplier on meliorate cyber event prevention and detection . presentment to affect individual is on-going , ” said DOD spokesperson Cdr . Tim Gorman in an email to TechCrunch .
DefenseScoopfirst reportednews of the breach notification letters .
TechCrunchexclusively reported in February 2023 that the DOD was spilling about three terabytes of internal military email , some of which touch to U.S. Special Operations Command , or SOCOM , which carry out special military operations overseas . Some of the exposed information included sore personnel office information and questionnaire by prospective Union employee seek certificate clearance .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Anyone with the public IP address of the exposed cloud email server could get at the sensitive but unclassified emails inside using only a World Wide Web web internet browser .
Security researcher Anurag Sen discover the exposed data spill online and asked for TechCrunch ’s helper in report the information exposure to the U.S. administration . TechCrunch report the spillway to SOCOM on February 19 . The cloud email host was stop up on February 20 after TechCrunch escalated the incident to senior U.S. government officials after not try back .
It ’s not clear for what reason the DOD took a class to inquire the incident or send word those affected .
A voice for Microsoft did not reply to a postulation for comment .
Sensitive US military email spill online
