Saturday, April 20, 2024

Pentagon Scrambles to Fix Email ‘Glitch’ Leaking Sensitive Military Info

The Azure cloud server had emails dating back many years, as a three terabyte system could contain millions of pages of communications...

(Joshua Paladino, Headline USA) The Pentagon has repaired a national defense breach after an internet security researcher discovered that he could access about three terabytes of military emails without advanced hacking techniques.

The researcher, Anurag Sen, discovered that he could access a military server, which seemed to contain communications involving US Special Operations Command, with a regular web browser, a standard internet connection and “without a password,” the Post Millennial reported.

He accessed the server on Feb. 8, and the issue was fixed on Feb. 20. The Pentagon and Microsoft have not found the cause of the breach, but they suspect human error.

The military stored the sensitive emails on Microsoft’s Azure government cloud, “which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data,” TechCrunch reported.

So far, the Pentagon has not found evidence that anyone accessed the server.

“We can confirm at this point is no one hacked U.S. Special Operations Command’s information systems,” said USSOCOM spokesperson Ken McGraw.

A Defense Department spokesperson refused to state whether the server can track unauthorized access to it.

The Azure cloud server had emails dating back many years, as a three terabyte system could contain millions of pages of communications.

Although Microsoft’s Azure server should not contain classified information, an email reportedly had a federal employee’s questionnaire that he or she used to obtain a government security clearance.

If the form were accessed by state actors or hackers, they would have found private information about the federal employee as well as a “significant amount of background information on security clearance holders valuable to foreign adversaries.”

The Pentagon let the US Office of Personnel Management suffer a data breach in 2015, when Chinese hackers stole about 21.5 million records of government employees that included Social Security numbers, fingerprints and addresses.

Copyright 2024. No part of this site may be reproduced in whole or in part in any manner other than RSS without the permission of the copyright owner. Distribution via RSS is subject to our RSS Terms of Service and is strictly enforced. To inquire about licensing our content, use the contact form at https://headlineusa.com/advertising.
- Advertisement -