Military Investigation Launched After Report of Pentagon Email Leak

Military Investigation Launched Into Pentagon Email Leak

( – The Defense Department’s (DOD) Special Operations Command (SOCOM) plays an important role in the United States. It’s an elite command that helps the military navigate hostage rescue missions and counterterrorism globally, so security is of the utmost importance. Yet, the DOD reportedly had an email leak recently that’s drawing concern.

According to TechCrunch, a cloud email server was exposed for approximately two weeks, beginning on February 8. A security researcher, Anurag Sen, known for finding leaks, discovered the issue, which reportedly allowed anyone with the IP address access to more than three terabytes of emails dating back several years. More concerning, some included sensitive personnel information, including an SF-86 questionnaire that military members seeking security clearance complete. Other available data included mostly public information about military contracts. It’s not known if anyone other than Sen gained access to the data in the time it was unsecured.

Sen notified TechCrunch upon discovering the unsecured server, and the company then contacted the US government, alerting them to the issue. It was reportedly fixed on Monday, February 20. The site reviewed some of the exposed information, and while some of the material was sensitive — consisting of some military members’ personal data — none of it appeared to be classified. SOCOM’s classified networks aren’t accessible through the internet.

In a statement to CNN, SOCOM spokesman Ken McGraw said the command “initiated an investigation” to determine whether there was a leak but confirmed the issue was not due to a hack. The report from TechCrunch noted that it’s “likely due to a misconfiguration caused by human error.”

A spokesperson for the US Cyber Command provided a statement to The Hill noting that it regularly scans the sensitive networks and works to “fully mitigate, protect, and defend” them. However, the command would not comment on the current status of the server, citing protocol.

Copyright 2023,