Last Tuesday, news outlet TechCrunch reported that the US Department of Defense had secured a server that was formerly unprotected and had been leaking internal US military emails. The emails were accessible to those who knew where to look for them, according to TechCrunch. The server was reportedly hosted on Microsoft Azure and was part of an internal government mailbox system. The server stored terabytes of emails, meaning that there was a large trove of information accessible to the public for an unknown amount of time. A simple misconfiguration allowed anyone who knew the server’s IP address to access the data via a web browser. No password was needed to access the data.
The exposed server was discovered by a security researcher named Anurag Sen, who promptly reported the details to the appropriate groups. The data had reportedly been exposed for two weeks, but it is unclear whether any other individual besides Sen accessed it during this time period. A US Special Operations Command Spokesperson reported that there was no hack to its information systems and that the data leak was the result of a misconfiguration.
Read More: Sensitive US Military Emails Exposed