Emails from a US Defense Department computer dump included responses to the SF-86 questionnaire.
An unnamed senior U.S. defense official confirmed in a news report that an unprotected U.S. Department of Defense server had allowed internal emails to be decrypted for the past two weeks.
According to Tech Crunch, a glitch on a Defense Department server hosted in Microsoft Azure’s government cloud made it possible for anyone with an IP address and a web browser to access the server and its mailbox contents by entering the correct password.
U.S. Special Operations Command-related emails made up a large portion of the nearly three terabytes of classified data stored on the server.
The report claims the server contains old emails that contain confidential information.
For instance, a completed SF-86 questioner, a form filled out by state employees seeking security clearance, was stored in one of the exposed files. The applicant’s Ssn, address, and contact information and names of individuals the applicant deems close have all been requested.
If the report is to be believed, the unprotected server does not contain any sensitive data.
According to reports, the exposed server was secured on Monday afternoon after Tech Crunch contacted the Pentagon on Sunday.
U.S. Military spokesman Ken McGraw notified Tech Crunch that they are “100 percent confident” that no one has hacked into USSOCOM’s computer systems.
Tech Crunch reports that the server was sealed on Tuesday morning, roughly a day after the publication contacted the Pentagon about the issue.
We can affirm at this moment is no one breached U.S. Special Operations Army’s computer systems,” said Ken McGraw, a spokesman for U.S. Special Operations Command, in an interview with Tech Crunch.