Over 20,000 U.S. Marine Corps Reserve personal data was leaked

Malaysian organ donors

According to a report by the Marine Corps Times, the United States Marine Corps Reserve became the victim of large-scale data breaches this week with some 21,426 people, personal sensitive information of sailors and other staff members was accidentally exposed to the outside world.

On the morning of February 26, the U.S. Department of Defense’s Defense Travel System (DTS) reported that it had sent an unencrypted e-mail to a wrong list of e-mail addresses.

DTS is a system affiliated with the U.S. Department of Defense that helps arm the military in setting travel routes and settling official travel authorization costs.

Hacker group Hive-CM8

Maj. Andrew Aranda, Archon of the Marine Corps, said a misleading e-mail attachment contains a wealth of highly-sensitive information such as social security numbers, bank electronic funds transfer records and bank transfer numbers, credit card information, home addresses, and emergency contact information.

The unencrypted e-mail was not only inadvertently sent to civilian accounts but also sent to accounts hosted on the unclassified navy’s official domain name “usmc.mil”. It is unclear how many people have received this e-mail.

Aranda said: “It was very quickly noticed and email recall procedures were implemented to reduce the number of accounts that received it.”

At present, the Marine Corps is investigating the disclosure of data to assess the extent of the impact. On the other hand, the Marine Corps plans to notify all those affected by data breaches and provide guidance on how to prevent identity theft.

Numerous real-life examples tell us that criminals often use bank-owned and credit-fraudulent schemes or carry out phishing activities using the personal identification information of others. The leakage of personal information for military personnel will have even more dire consequences.

It is noteworthy that this is not the first time the U.S. military has suffered a data breach. In November 2016, the U.S. Navy issued a public statement stating that a laptop owned by it had been hacked and that personally identifiable information of more than 130,000 active and retired navy soldiers had been leaked.

According to a report published by the Guardian in January this year, the fitness tracking company Strava released a heat map showing how users of Strava are able to run or cycle Leave all the path records. Because many of the U.S. soldiers active are users of this application, experts believe this is likely to reveal sensitive data about the U.S. military bases and personnel deployed around the world.