Over the past 10 years, millions of emails of critical importance regarding the US military have been sent to the West African country of Mali due to a typo in the address.Instead of adding the military domain .mil to the recipient’s email address, senders often mistakenly enter .ml, which is Mali’s country identifier. The Financial Times notes that the messages contain important information about military family members, their health status, photos of bases, maps of facilities, and itineraries for official travel. Also, none of these are labeled as private.
For example, an email sent earlier this year fully disclosed the itinerary of the US Joint Chiefs of Staff during his visit to Indonesia. The email contained a full list of the delegation’s room numbers and details on obtaining the keys to the rooms at the Grand Hyatt Jakarta hotel.
Pentagon: We are aware of the problem
Dutch entrepreneur Johannes Zuurbier, who runs the financial domain name, has been observing this problem for nearly a decade, despite repeated attempts to warn the US government. Zuurbier set up a system to detect and block emails to non-existent domains such as army.ml and navy.ml. Since January of this year alone, 117,000 emails have been sent in error, some revealing sensitive and confidential information about the US military.
On Monday, Johannes’ 10-year contract to manage the Mali domain will expire and it will be impossible to block such emails, meaning they can be accessed by the Malian authorities. On the other hand, US Department of Defense spokesman Tim Gorman said: “The Department of Defense is aware of the problem and takes the unauthorized disclosure of controlled national security information or controlled unclassified information seriously.”Gorman added that US military email accounts notify personnel when they try to send email to addresses with the “.ml” domain and automatically block the email from being sent.
61393
