Cybersecurity

Pentagon investigating two-week email server leak

The Defense Department’s U.S. Special Operations Command (USSOCOM) has confirmed that it is investigating how one of its servers leaked sensitive data for two weeks.

The Pentagon said it is evaluating the scope and impact of the potential data exposure, as well as looking to “understand the root cause of the exposure and why [the] problem was not detected sooner.”

The agency also confirmed that it was able to secure the server on Monday and will be notifying any staff members affected by the leak.

“DoD takes this matter very seriously and will incorporate all lessons learned from this event to strengthen its cybersecurity posture,” U.S. Navy Cmdr. Jessica McNulty, a Department of Defense spokesperson, told The Hill. 

The investigation was prompted after an independent security researcher found the open server last weekend and notified TechCrunch, a tech news organization, which alerted the agency and was first to report about the leak.


According to TechCrunch, a security error left the server without a password, which means that anyone on the internet could access the data via the server’s IP address. 

The server housed massive amounts of data that contained sensitive information, including personal and health information of federal employees seeking security clearance, TechCrunch reported.

USSOCOM is a unit within the Department of Defense that conducts and oversees special operations in branches of the military including the Army, Navy, Marine Corps and the Air Force.