Cybersecurity

Pentagon probing report of leak from military email server

FILE - The Pentagon is seen from Air Force One as it flies over Washington, March 2, 2022. (AP Photo/Patrick Semansky, File)

The Defense Department’s U.S. Special Operations Command (USSOCOM) launched an investigation this week following a report that said that the unit had an exposed server that was leaking sensitive but unclassified emails online.

USSOCOM is a unit within the Department of Defense that conducts and oversees special operations in branches of the military including the army, navy, marine corps and the air force.

The open server was secured on Monday after being exposed for the past two weeks, according to TechCrunch, which first reported the leak.

A security error left the server without a password, according to TechCrunch, which means that anyone on the internet could access the data via the server’s IP address. 

USSOCOM spokesman Ken McGraw told TechCrunch on Tuesday that there is no sign that someone hacked the unit’s information systems.

A spokesperson for the U.S. Cyber Command sent The Hill the following statement.

“As a matter of practice and operational security, we do not comment on the status of our networks and systems. Our defensive cyber operators proactively scan and mitigate the networks they manage,” it reads.

“Should any incidents be discovered during these regular operations, we fully mitigate, protect, and defend our networks and systems. Any information or insight is shared with relevant agencies and partners if appropriate.”

What did the exposed server contain?

The server housed massive amounts of data that contained sensitive information, including personal and health information of federal employees seeking security clearance, according to TechCrunch.

Anurag Sen, a security researcher, reportedly found the open server over the weekend and alerted the news organization, which then alerted the agency.