The United States Marine Corps has launched an investigation after an email was leaked containing an attachment with confidential data on 21426 soldiers and civilians.
The unencrypted email, that was sent to a wrong distribution email list on Monday morning, included highly sensitive data such as partial credit card details, addresses, and Social Security numbers. Speaking of the incident, Major Andrew Aranda, spokesperson for the Marine Forces Reserve, said in a command release: “It was very quickly noticed and email recall procedures were implemented to reduce the number of accounts that received it.” Aranda stated that it is not believed the leak was intentional specifying that “no malicious intent was involved.” He added that the Corps "will make any required changes to better safeguard how we collect and store data to prevent this incident from happening again." “The Marine Corps takes the protection of individual Marines’ private information and personal data very seriously, and we have steps in place to prevent the accidental or intentional release of such information,” said Aranda.
The Marines are notifying victims and attempting to analyse the extent of the spread of the data. In such cases, however, analysing the impact could prove very difficult. Once data moves outside its original domain, it is impossible to track how it will spread and it can be very dangerous. Leaked information of this nature can be used for identity theft and financial fraud. The Marines are providing guidance on ways to safeguard from those crimes.