Three Terabytes of Internal Military Emails to and From U.S. Special Operations Command Left Wide Open For Two Weeks

The technological incompetence of the Biden-Harris regime’s Pentagon was put on display in a dangerous way once again this month as a server used for sensitive emails, including to and from USSOCOM and military contractors, was left open to anyone with a web browser. Until Monday, it didn’t even have a password and has been in that condition for at least two weeks.

According to Techcrunch:

The exposed server was hosted on Microsoft’s Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data. The exposed server was part of an internal mailbox system storing about three terabytes of internal military emails, many pertaining to U.S. Special Operations Command, or USSOCOM, the U.S. military unit tasked with conducting special military operations.

But a misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address.

Anurag Sen, a good-faith security researcher known for discovering sensitive data that has been inadvertently published online, found the exposed server over the weekend and provided details to TechCrunch so we could alert the U.S. government.

The server was packed with internal military email messages, dating back years, some of which contained sensitive personnel information. One of the exposed files included a completed SF-86 questionnaire, which are filled out by federal employees seeking a security clearance and contain highly sensitive personal and health information for vetting individuals before they are cleared to handle classified information. These personnel questionnaires contain a significant amount of background information on security clearance holders valuable to foreign adversaries. In 2015, suspected Chinese hackers stole millions of sensitive background check files of government employees who sought security clearance in a data breach at the U.S. Office of Personnel Management.

Security clearance data is among the most sought-after by our enemies. It allows foul players to compromise those who may have access to top secret information, plans, or technology. If any of our enemies exploited this vulnerability, the repercussions could be disastrous for years to come.

Leave a comment about this story on our Substack.