British Factory Worker Received Sensitive U.S. E-mails by Mistake
British Factory Worker Received Sensitive U.S. E-mails by Mistake - Via Threat Level:
A British factory worker has shut down a tourism site he owned at the request of the U.S. air force after he received thousands of e-mails sent to his domain that were meant for military personnel -- among them e-mails with flight plans for Air Force One, the U.S. presidential plane, as well as passwords and military procedures and tactics, according to the BBC.
The news reports about this, if true, leave a lot of questions unanswered -- such as why this information was even being sent over the internet, and unencrypted at that? And how is it possible that this continued for more than seven years before anyone took action?
Gary Sinnott launched a tourism web site in the late 90s to promote his tiny town of Mildenhall (www.mildenhall.com) in Suffolk. Unfortunately, the domain name was a bit too similar to the domain belonging to the Royal Air Force base at Mildenhall (www.mildenhall.af.mil), which is controlled by the U.S. Air Force and houses a number of U.S. squadrons and wings -- among them the refueling wing for U.S. and NATO aircraft traveling in and through Europe.
Almost immediately after launching his tourism site, Sinnott says he began receiving e-mails sent by military personnel that were clearly intended for the .af.mil domain name but were mistakenly sent to his .com domain instead.
Sinnott says at first he received mostly jokes and videos that
servicemen and women were sending to each other. At one point he was
receiving thousands of messages a week. He contacted the Air Force base
but he says that officials there told him not to worry about it.
Then he started receiving sensitive e-mails with information that he
thinks should be classified. One e-mail discussing military tactics
came with a notice that said "Destroy by any means to prevent capture."
The Air Force warned its personnel to be careful when filling out
addresses and asked Sinnott to block some addresses from sending e-mail
to his web site. But the e-mails continued to come, he says.
The Telegraph reports this week that agents from the USAF Office of Special Investigations
visited Sinnott and asked him to delete any classified e-mails he
received and began to block e-mail sent from addresses in the
military's domain to his .com domain. They've also persuaded him to
close down his web site. But as the Telegraph notes, some
people are worried now that hackers or state enemies may launch other
sites with names similar to military domains to intentionally attract
military e-mail that is mis-addressed.
(Hat tip: AH)
See also:
(Read Original Article - Via Threat Level.)
Delicious
Digg
Reddit
Google
Yahoo
TechnoratiRecent blog posts
- A Remedy for Every Wrong? Why We Need a Consistent Privacy Act
- Give Me My Health Data!
- CDT, EFF and PK File Brief in Ringtones Case
- Pirate Bay 2.0: Pay Pirates to Become Consumers
- Judge Acquits Lori Drew in Cyberbullying Case, Overrules Jury
- Apple patching serious SMS vulnerability on iPhone
- Enter the Advertisers - self-regulatory principles ?
- Out of business, Clear may sell customer data
- TSA asked to ensure safety of customer data after Clear closing
- Several Facts about Google and HTTPS
