The U.S. military has been notified that it could have possibly misdirected millions of emails with potentially sensitive information to the country of Mali, in error.
The Financial Times reported that a Dutch web entrepreneur says he noticed the misdirected emails in January and has been collecting them. Johannes Zuurbier said a typo in the domain, in which senders type ".ML" for Mali's domain instead of ".MIL" for the U.S. military, has created the issue.
FT reported that highly sensitive data was purportedly sent, including passwords, tax records and diplomatic documents.
The Pentagon said it had addressed the issue.
Zuurbier notified the U.S. military to warn them of the mistakes. He has a contract to manage Mali's country web domain, the BBC reported.
Zuurbier wrote a letter to U.S. officials recently telling them his contract to manage Mali's web domain was set to end soon and said "the risk is real and could be exploited by adversaries of the US."
Steven Stransky, who has served as a lawyer with the Department of Homeland Security, said, "Those sorts of communications would mean that a foreign actor can start building dossiers on our own military personnel, for espionage purposes, or could try to get them to disclose information in exchange for financial benefit."
Zuurbier, who says he has been intercepting the emails, would not be able to once his contract with the government of Mali ends, The Verge reported.
Tim Gorman, a spokesperson for the U.S. Secretary of Defense, told The Verge, "The Department of Defense (DoD) is aware of this issue and takes all unauthorized disclosures of Controlled National Security Information or Controlled Unclassified Information seriously."
Gorman said the emails sent from a .MIL domain to Mali are somehow "blocked," as he put it, and said the sender will be notified that they "must validate the email addresses of the intended recipients."
Trending stories at Scrippsnews.com