I’m going to start with several paragraphs. Elipses (…) mean that there are paragraphs missing. I’m putting things here that I think need to be put out. The block quotes indicate that its quoted text and not my own.
The US Department of Defense (DOD) is notifying more than 26,000 current and former employees, job applicants, and partners whose sensitive personally identifiable information was exposed in a “data breach incident” detected in early 2023, DefenseScoop has learned.
It seems that a certain service provider inadvertently exposed personal email messages. DefenseScoop viewed a notice encouraging longtime DOD officials to sign up for government-provided identity theft protection services.
…
“This letter is to notify you of a data breach incident that may have resulted in a breach of your personally identifiable information (PII). During the period of February 3rd, 2023, through February 20th, 2023, numerous email messages were inadvertently exposed to the internet by a [DOD] service provider. Unfortunately, some of these email messages contained PII associated with individuals employed by or supporting the DOD or individuals seeking employment with the DOD. While there is no evidence to suggest that your PII was misused, the department is notifying those individuals whose PII may have been breached as a result of this unfortunate situation,” states the document by the Defence Intelligence Agency, dated February 1st, 2024.
…
Last year, a US Department of Defense cloud server was found wide open on the internet, leaking vast amounts of sensitive US military emails. Discovered by a white hat hacker, Anurag Sen, the server was left exposed on the internet for at least two weeks before it was taken offline by the government.
The Pentagon server was hosted on the Microsoft Azure Government cloud and was part of an internal mailbox system containing roughly three terabytes of internal military emails – many connected to the US Special Operations Command (USSOCOM).
These are highlights of a short article about yet another company that just decides to publish info about a breach that happened a year ago.
Listen. you knew about the breach last year. After you fixed the issue which you said you fixed way back in 2023 just shy of a year ago, than why didn’t you put up a notice on the site for employees and visitors could read that said that there was an issue and you’d be notifying people who were affected? Why did it take one year for the department of defense to even notify anyone?
We want to know as soon as you do! We don’t want to know one year from now! This, is beyond repair. I hope that whoever oversees the department learns really quick that this is not what people want. If I applied, found out one year later that my info was out, I would not be too happy. As for the job, I could probably stay, but i’d be asking a ton of questions. But then again, I understand how important my privacy is and what’s left of it is not much.
If you want to read the entire article, Pentagon says 26K people impacted by data breach from early 2023 comes to us by Cyberscoop.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.