After an unecrpyted email was sent out to the incorrect distribution list, thousands of marines, sailors, and even civilians were left at risk. The information collected includes social security, credit card infofmation, residential addresses, and emergency contact info.
This harmful email was sent with the official yet unclassified usmc.mil domain but some civilians claimed that they received a message from the Defense Travel System. Ironically, the aim of this department is to assist in the safety of military and civilian defense.
The USMC intends on implementing changes to better protect personal information but also believe that this data breach was not a malicious act. Official plans have not been announced yet.
Paul Edon, director at Tripwire, said: “With potentially highly confidential data stored on military systems, it is imperative that these systems are performing regular threat assessments. This includes examining the level of admin privileges granted to individuals to avoid accidental data leaks occurring again.
Tripwire director Paul Edon emphasizes the importance of regularly measuring performance. "With potentially highly confidential data stored on military systems, it is imperative that these systems are performing regular threat assessments."
"To reduce further exploitation, victims must change passwords and account details immediately. With critical personal and financial data exposed it is strongly recommended victims continuously check their bank accounts and monitor for potential signs of identity theft, which in the moments after the breach, is when individuals are most vulnerable.”