One Error Goes a Long Way
The U.S. Marine Corps has launched an investigation following an accidental leak of confidential information belonging to over twenty-one thousand Marines and civilians
On February 27th, the Defense Department’s Defense Travel System (DTS) inadvertently sent an unencrypted email to contacts listed in the unclassified “usmc.mil” domain containing a roster with personal and financial details belonging to thousands of Marines. Truncated social security numbers, bank and credit card information and contact details belonging to the affected individuals have been exposed.
Following the discovery of the misaddressed email, recall procedures were implemented to reduce the number of accounts that received it. While investigations are ongoing, this incident is a reminder to all that breaches can happen by accident just as easily as through malicious actors.
Affected individuals are being notified of the breach, and the Marine Corps is offering guidance on mitigating the risk of fraud and identity theft for those who have had their information exposed. Victims are being encouraged to change their passwords and monitor their financial accounts and credit reports for signs of fraud or identity theft.
It’s Everyone’s Problem
Many massive data breaches have made headlines in recent years, but an untold number of organizations are still failing to properly protect their data. Lax security protocols have again resulted in a disturbance to thousands of lives and diminished the trust we have in an organization that serves our nation.
Data breaches can be disastrous for both businesses and the individuals affected by them. A single vulnerability or misaddressed email could lead to an organization shutting its doors, and millions of lives facing consequences for years afterward. Organizations of all sizes must begin to take a more proactive approach to security if we are to decrease the number of incidents and lives affected by them.
Implementing a security strategy is a great start, but educating users is a key piece that many miss. Your users have access to internal data that, if improperly handled, could be devastating to your business. The only way to ensure that your workers are equipped to protect your data is to educate them, ensure that they understand what is expected of them, and continue to promote a security mindset within your organization.