21 Feb, 2023 20:54

Pentagon server ‘leaked’ for weeks – researcher

Much of the data, which wasn’t even password protected, pertained to the US Special Operations Command
The US Defense Department left three terabytes of internal military emails unprotected by so much as a password on Microsoft’s Azure government cloud for more than two weeks, security researcher Anurag Sen revealed to TechCrunch on Sunday.   

The vulnerability was finally patched on Monday, a day after the outlet contacted US Special Operations Command (USSOCOM) to alert it that years of sensitive personal data on a server comprising part of an internal mailbox system was freely available to view for anyone who had the right IP address. The Pentagon confirmed via a senior official on Monday that it had passed the information from TechCrunch on to USSOCOM.  

In addition to internal military email messages, some of which were years old, the server contained plenty of sensitive personnel information, including the detailed forms filled out by federal employees applying for security clearances. These 136-page questionnaires, known as SF-86, are desirable enough to foreign rivals that Washington believes Chinese hackers stole millions of them upon breaking into the US Office of Personnel Management.  

None of the information on the exposed server was believed to be classified, as USSOCOM’s classified networks are not accessible from the internet. 

It was unclear why the server was not password-protected, though a spokesman for USSOCOM told TechCrunch in an email that “We can confirm at this point…no one hacked US Special Operations Command’s information systems.”  

The spokesman did not answer when asked if the Defense Department kept logs that would show who besides Sen might have accessed the sensitive data, but said that an investigation into the vulnerability had been opened on Monday. 

The server was first observed to be spilling data on February 8, according to a listing on Shodan, a search engine for exposed systems and databases, cited by the outlet. 

Last month, a Swiss hacker claimed to have come across a copy of the US Transportation Security Administration’s ‘no-fly’ list on an unsecured server belonging to US regional and commuter airline CommuteAir.