The U.S. Department of Defense has recently notified around 20,600 individuals about a data breach that occurred due to an email spill from a cloud server. The breach, which took place between February 3 and February 20, 2023, resulted in the exposure of sensitive information belonging to the Defense Intelligence Agency.
Key Takeaway
The U.S. Department of Defense has notified over 20,000 individuals about a data breach resulting from the exposure of sensitive military emails due to an unsecured cloud email server. The incident has raised concerns about the security of the U.S. military’s internal communications.
Cloud Email Leak
The breach notification letters sent to the affected individuals revealed that the incident was caused by an unsecured U.S. government cloud email server hosted on Microsoft’s cloud for government customers. The server was accessible from the internet without a password, likely due to a misconfiguration, leading to the exposure of numerous email messages.
Response from the DOD
Following the discovery of the breach, the affected server was promptly identified and removed from public access on February 20, 2023. The DOD has also been working with the service provider to enhance cyber event prevention and detection. The notification process for the affected individuals is currently ongoing.
Security Concerns
The exposed data included sensitive personnel information and questionnaires by prospective federal employees seeking security clearances. This incident raised concerns about the security of the U.S. military’s internal communications, particularly those related to the U.S. Special Operations Command.
Investigation and Resolution
It was reported that the cloud email server was secured on February 20, 2023, after the incident was escalated to senior U.S. government officials. However, it remains unclear why the DOD took a year to investigate the breach and notify those affected.