The Pentagon’s Cyber Command and Microsoft

 

The Pentagon’s Cyber Command and Microsoft are investigating a security error that caused an Azure-hosted government server to temporarily expose U.S. military emails.  The open server leaked unclassified but sensitive emails on the open internet for two weeks before it was secured, according to TechCrunch. The server was hosted on Microsoft’s Azure government cloud for the military, which is separate from its commercial clients. An error caused the server to be without a password, allowing any internet users to access its data through its IP address. The server contained internal emails for the military, some of which had sensitive personnel information such as a security clearance questionnaire with personal info on a federal employee. Sources told Bloomberg that there is no sign yet that the data was accessed on the outside, though an investigation continues. The server was for U.S. Special Operations Command, which oversees special military operations. The leak was initially discovered by security researcher Anurag Sen, who alerted TechCrunch earlier this week.