Common typo causes millions of emails intended for members of the US military to be sent to accounts in Mali

Jul 17, 2023, 2:58 PM

In this March 2022 photo, the Pentagon is seen from Air Force One as it flies over Washington, DC.

In this March 2022 photo, the Pentagon is seen from Air Force One as it flies over Washington, DC. (Patrick Semansky/AP)

(Patrick Semansky/AP)

(CNN) — Millions of emails intended for Pentagon employees were inadvertently sent to email accounts in Mali over the last decade because of typos caused by the similarity of the US military’s email address and the domain for the West African country, according to a Dutch technologist who discovered the problem.

In some cases, sensitive information like hotel reservations for senior US military officials were revealed.

The emails were intended for owners of “.MIL” email accounts – the internet domain owned by the US military – but because of typos they were instead sent to the .ML domain, which handles email accounts in the West African country of Mali.

The email mishap reveals the security risks to US national security officials that can arise from an innocent typo. The personal information in the emails could be used to conduct targeted cyberattacks or to track the movements of Pentagon personnel – although there’s no evidence that happened in this case.

The Financial Times first reported on the issue.

Johannes “Joost” Zuurbier, a Dutch internet entrepreneur, received the emails because his company was contracted to manage the .ML domain. Since 2013, Zuurbier said, he has raised the issue with various US officials, including the US Embassy in Mali earlier this year.

“Yes, I was concerned, still am!” Zuurbier said in an email to CNN when asked about possible security risks and the misdirected emails.

Zuurbier’s contract to manage the .ML domain expired last week, he said, prompting him to raise awareness of the issue in the media.

None of the leaked emails were sent from official Department of Defense email addresses, but the department has blocked its email accounts from emailing .ml email addresses as a precaution, Deputy Pentagon Press Secretary Sabrina Singh said Monday.

She added that the “only thing that went through” were emails from personal accounts, like a Gmail or Yahoo account. The department strongly discourages using personal email accounts for official business, Singh said.

“The Department of Defense (DoD) is aware of this issue and takes all unauthorized disclosures of Controlled National Security Information or Controlled Unclassified Information seriously,” Lt. Cmdr. Tim Gorman said in a statement to CNN earlier on Monday.

The misdirected emails have grown less frequent in recent years, but still come by the hundreds per day, Zuurbier said. Many of the emails are spam, but some are sensitive.

One of the misdirected emails contained hotel room numbers for the Army chief of staff, Gen. James McConville, and his entourage on a trip they took in May to Indonesia.

And while the US government can’t prevent outside users from mistyping emails intended for the government, some of those making the typos were US government employees.

One email in Zuurbier’s stash is from an FBI agent and intended for a US Navy official, asking for personal information to process a Navy visitor to an FBI facility. The FBI agent uses the .ml domain.

CNN has requested comment from the Army and the FBI. The Navy declined to comment.

The Defense Department “has implemented policy, training, and technical controls to ensure that emails from the ‘.mil’ domain are not delivered to incorrect domains,” Gorman said in his statement.

“While it is not possible to implement technical controls preventing the use of personal email accounts for government business, the Department continues to provide direction and training to DoD personnel,” the statement continued.

The Pentagon has no control over whether third parties incorrectly type defense personnel’s email addresses, Gorman told CNN when asked about the matter.

This isn’t the first time this year that the US military has had to deal with an inadvertent email leak.

A trove of internal US Special Operations Command emails were publicly available online for about two weeks in February because of an IT misconfiguration. The Pentagon fixed the issue after a private security researcher discovered the leak.

The-CNN-Wire™ & © 2023 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.

KSL 5 TV Live

National News

The Houston Street station in Manhattan is pictured on Saturday, May 25, 2024.  A man was arrested ...

Celina Tebor, Zenebou Sylla and Samantha Beech, CNN

Man arrested after throwing ‘flammable substance’ on stranger in NYC subway station

A man has been arrested after police accused him of throwing a “flammable substance” on a stranger, setting his shirt on fire in a New York City subway station.

4 hours ago

Gilbert Carrasquillo (GC Images/Getty Images via CNN Newsource)...

Cindy Von Quednow, CNN

Former ‘General Hospital’ actor Johnny Wactor fatally shot in Los Angeles

LOS ANGELES (AP) — Former “General Hospital” actor Johnny Wactor was fatally shot in downtown Los Angeles while interrupting thieves Saturday, according to his agent and CNN affiliate KABC. The actor, who played Brando Corbin in the hospital soap opera, was shot as he left work early Saturday morning, his mother told KABC, In a […]

5 hours ago

A man looks at a damaged car after a tornado hit the day before, Sunday, May 26, 2024, in Valley Vi...

Bruce Schreiner and Julio Cortez, The Associated Press

At least 21 dead in Memorial Day weekend storms that devastated several US states

A series of powerful storms swept over the central and southern U.S. over the Memorial Day holiday weekend, killing at least 21 people and leaving a wide trail of destroyed homes, businesses and power outages.

5 hours ago

President Joe Biden, left, joined by, from left, Vice President Kamala Harris, Defense Secretary Ll...

Zeke Miller, AP White House Correspondent

Biden says each generation has to ‘earn’ freedom, in solemn Memorial Day remarks

President Joe Biden is marking Memorial Day with a pledge the United States will continue the work of the nation’s fallen toward creating a more perfect union.

7 hours ago

ARLINGTON, VIRGINIA - MAY 24: Travelers make their way through Ronald Reagan Washington National Ai...

Associated Press

Friday’s preholiday travel breaks the record for the most airline travelers screened at US airports

A record was broken ahead of the Memorial Day weekend for the number of airline travelers screened at U.S. airports.

7 hours ago

FILE: Bill Walton is seen during the Ruffles NBA All-Star Celebrity Game during the 2022 NBA All-St...

Tim Reynolds, AP Basketball Writer

Bill Walton, Hall of Fame player who became a star broadcaster, dies at 71

Bill Walton, who starred for John Wooden’s UCLA Bruins before becoming one of the biggest stars of basketball broadcasting, has died.

8 hours ago

Sponsored Articles

Electrician repairing ceiling fan with lamps indoors...

Lighting Design

Stay cool this summer with ceiling fans

When used correctly, ceiling fans help circulate cool and warm air. They can also help you save on utilities.

Side view at diverse group of children sitting in row at school classroom and using laptops...

PC Laptops

5 Internet Safety Tips for Kids

Read these tips about internet safety for kids so that your children can use this tool for learning and discovery in positive ways.

Women hold card for scanning key card to access Photocopier Security system concept...

Les Olson

Why Printer Security Should Be Top of Mind for Your Business

Connected printers have vulnerable endpoints that are an easy target for cyber thieves. Protect your business with these tips.

Modern chandelier hanging from a white slanted ceiling with windows in the backgruond...

Lighting Design

Light Up Your Home With These Top Lighting Trends for 2024

Check out the latest lighting design trends for 2024 and tips on how you can incorporate them into your home.

Technician woman fixing hardware of desktop computer. Close up....

PC Laptops

Tips for Hassle-Free Computer Repairs

Experiencing a glitch in your computer can be frustrating, but with these tips you can have your computer repaired without the stress.

Close up of finger on keyboard button with number 11 logo...

PC Laptops

7 Reasons Why You Should Upgrade Your Laptop to Windows 11

Explore the benefits of upgrading to Windows 11 for a smoother, more secure, and feature-packed computing experience.

Common typo causes millions of emails intended for members of the US military to be sent to accounts in Mali