Microsoft and Pentagon investigating leaked, sensitive military emails
FOX Business Flash top headlines for February 22
Check out what’s clicking on FoxBusiness.com
The Dept. of Defense and Microsoft are investigating an unsecured server that exposed emails and data from the U.S. Special Operations Command (USSOCOM) containing sensitive but unclassified information.
The server, which was part of a mailbox system hosted on the Microsoft Azure Government Cloud, was misconfigured in a way that allowed anyone to access it through a web browser without a password as long they knew the server’s IP address. A "white hat" security researcher informed TechCrunch of the vulnerability so that the outlet could alert the government, which secured the server on Monday.
While no classified emails were exposed in the breach, about three terabytes of data from the server were exposed, including emails dating back several years containing conversations between officials and sensitive personnel documents.
TECH GIANTS’ CLOUD PAINS AREN’T SHARED EQUALLY
US Pentagon in Washington DC building looking down aerial view from above (iStock) At least one of the exposed files reviewed by TechCrunch included a completed SF-86 questionnaire, which is a document government employees fill out when they’re pursuing a security clearance and includes sensitive information like a Social Security number and personal health information. The 136-page SF-86 form often contains information about family members, foreign contacts, and psychological information, in addition to information about the applicant’s work history and past living arrangements. MICROSOFT AI CHATBOT THREATENS TO EXPOSE PERSONAL INFO AND RUIN A USER’S REPUTATION The breach involved a server for the government’s Microsoft Azure cloud storage service. (David Paul Morris/Bloomberg via Getty Images / Getty Images) Personnel files like the SF-86 have proven to be attractive targets for adversarial governments, as demonstrated in 2014 and 2015 when state-sponsored hackers who were suspected of acting on behalf of the Chinese government breached the Office of Management and Budget (OMB). The OMB hack proved to be one of the largest breaches involving government data in U.S. history and included the theft of background check information, personal records including financial data, and even more than 5 million fingerprints. GET FOX BUSINESS ON THE GO BY CLICKING HERE Microsoft referred FOX Business to the Dept. of Defense regarding the matter. The Dept. of Defense didn’t immediately respond to a request for comment regarding the investigation into the exposed USSOCOM server. Source: Read Full Article
