Millions of US military emails have been mistakenly sent to Mali, a Russian ally, because of a minor typing error.

Emails intended for the US military’s “.mil” domain have, for years, been sent to the west African country which ends with the “.ml” suffix.

Some of the emails reportedly contained sensitive information such as passwords, medical records and the itineraries of top officers.

The Pentagon said it had taken steps to address the issue.

According to the Financial Times, which first reported the story, Dutch internet entrepreneur Johannes Zuurbier identified the problem more than 10 years ago.

Since 2013, he has had a contract to manage Mali’s country domain and, in recent months, has reportedly collected tens of thousands of misdirected emails.

  • buycurious@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago

    Kind of surprising the Pentagon doesn’t have a rule that says “don’t allow anything to a .ml address unless you have clearance,” or something like that.

    • Neuron
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      They do. The problem is people sending emails from outside servers to them don’t have that rule.

    • BoilingTea@lemmy.world
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      1 year ago

      You don’t need a clearance to use plain old .mil emails. Anything requiring a confidential or above clearance is on a separate network/domain. You are still releasing FOUO (for official use only) controlled information which can become classified higher if combined, but it’s not a spillage on the scale of say Snowden or Trump’s boxes.