A US Division of Protection electronic mail server hosted on Microsoft Azure’s authorities cloud service reportedly was discovered huge open to the general public Web for a interval of about two weeks earlier than it was correctly secured.
In keeping with a report on TechCrunch, a safety researcher noticed the e-mail server containing inside US navy messages, some with delicate private data, together with an SF-86 questionnaire that federal staff fill out as a part of their safety clearance course of. It was one in every of a bunch of electronic mail servers within the US Particular Operations Command (USSCOM) however probably on the civilian facet, the report stated.
The e-mail server appeared to have been misconfigured and was operating with out password safety. As soon as TechCrunch alerted USSCOM, the company mounted the problem. “[W]hat we will verify at this level is nobody hacked US Particular Operations Command’s data methods,” a USSCOM spokesperson informed TechCrunch.
