US military email server left exposed for 2 weeks, allowing internal emails to leak
A U.S. Department of Defense server was left exposed for the past two weeks, allowing internal emails to be accessed, a senior U.S. defense official confirmed with Fox News.
A misconfiguration with a Department of Defense server hosted on Microsoft Azure’s government cloud allowed the server to be accessed with a password, according to Tech Crunch, which reported that anyone with internet access could access mailbox data if they knew the server’s IP address and were using a web browser.
The server contained around three terabytes of military emails, with many related to the U.S. Special Operations Command, which is a military unit that conducts special operations.
According to the report, the emails inside the server appear to date years back and contain personal information, according to the report.
For example, one of the files left exposed contained a completed SF-86 questionnaire, which is a form filled out by government employees attempting to obtain a security clearance. The form asks for information such as the applicant’s Social Security number, address, as well as personal information of people that the applicant knows well.
The report states that none of the data hosted on the exposed server appears to be classified.
Tech Crunch reports that the exposed server was secured on Monday afternoon, about a day after it first reached out to the Pentagon.
U.S. Special Operations Command spokesman Ken McGraw told Tech Crunch in a statement, ‘We can confirm at this point is no one hacked U.S. Special Operations Command’s information systems.’
Fox News Digital reached out to Microsoft for comment.