By Sarah Newton-John • 22 February 2023 • 11:27
Tech company TechCrunch has revealed that a misconfiguration left the server without a password, meaning that anyone who knew the server's IP address could access the sensitive mailbox data using only a web browser.
The server was full of email messages from within the military, some of which contained personnel data, employee security clearances and health information. None of the data seen by TechCrunch appears to be classified. The data seems to be consistent with USSOCOM’s civilian network.
A good-faith security researcher, Anurag Sen, found the breach and alerted TechCrunch, which alerted the US government. A listing on Shodan, a search engine that trawls the web for exposed systems, shows that the terabytes of data were being spilt from February 8. Human error seems to be the likely cause of the misconfiguration.
USSOCOM spokesperson Ken McGraw said in an email on Tuesday that an investigation, which began Monday, is underway. “We can confirm at this point is no one hacked U.S. Special Operations Command’s information systems,” said McGraw.
