A year after a cybersecurity incident, the US Department of Defense (DOD) began notifying affected individuals about exactly what happened.
In February 2023, cybersecurity researcher Anurag Sen discovered a US government email server that did not have a proper password to protect its contents; Essentially, it leaked confidential information to anyone who knew where to look.
The exposed email server was hosted on Microsoft's Azure government cloud for the Department of Defense, allowing it to share sensitive, but still unclassified, data. This service offers servers that are physically disconnected from commercial clients and was part of an internal mailbox system that contained about 3 TB of internal military emails, some of which referenced the US Special Operations Command (USSOCOM). ), a military unit that executes special operations.
Consequences yet to be determined
The database was secured a day after the news broke, but now, almost exactly a year later, DOD has begun sending emails to affected individuals, notifying them of the incident.
according to TechCrunch, the breach notification letter was sent on February 1 to approximately 20,600 people. He said that “a service provider inadvertently exposed numerous email messages to the Internet” between February 3 and 20, 2023.
“As a matter of practice and security of operations, we do not comment on the status of our networks and systems. The affected server was identified and removed from public access on February 20, 2023, and the provider resolved the issues that resulted in the exposure. DOD continues to collaborate with the service provider to improve the prevention and detection of cyber events. Notification to affected individuals is ongoing,” said DOD spokesperson Cdr. Tim Gorman in an email to TechCrunch.
While we now know how many people were affected by the breach, we still don't know if any threat actors found the database before Sen.
