Be Careful With Emails

Over the last several years, Air Force personnel have repeatedly sent classified information to a factory worker who lives in a small town near Cambridge, England. Gary Sinnott started the Web site www.mildenhall.com in the mid 1990s in order to promote his hometown. Soon thereafter, he started receiving emails from members of the U.S. Air Force, who were trying to send messages to people at a base located in the town.

Sinnott reported the problem to base officials, but “their attitude was we are not worried, we are American, our security is great,” he tells EDP 24 News. But the emails kept coming. He received mundane messages like notes to friends and videos. But he also received some top-secret communications. At one point someone emailed Sinnott the flight plan for Air Force One. He also received battlefield strategies and military passwords. The base eventually started blocking emails sent to mildenhall.com, but the messages kept coming.

Sending emails to the wrong domain isn’t the only reason to check the address before hitting send: Last month, Portfolio reported that the NY Times learned that Eli Lilly was considering a $1 billion legal settlement because an attorney working on the case accidentally sent files to a reporter with the same last name as her co-counsel.

Links:
EDP24 - US military secrets sent to factory hand

Eli Lilly E-Mail to New York Times - Portfolio.com

Thats disturbing that those communiques were sent via email to begin with. Its not like email is a secure form of communication, even if sent to the wrong address!

Phaedrus needs to pay attention to what he's doing!!!!

We are actually looking at a device that intercepts outgoing email and quarantines it if there are SS numbers, or CC numbers, dates of birth, account numbers, etc. I assume every company will start investigating these types of systems as more and more of this happen.

crap that sucks

Quote:

---

Originally Posted by herbicide

Thats disturbing that those communiques were sent via email to begin with. Its not like email is a secure form of communication, even if sent to the wrong address!

---

Trust me when I say that nothing classified got out. For the most part, in the DoD, e-mail IS secure. It never leaves the DoD network. There is a different, classified network that handles all classified e-mails, that is not connected to anything else.

The story is either completely false, or completely incomplete. The stuff they're talking about cannot accidently get sent to a .com email address.

Quote:

---

Originally Posted by brianhos

We are actually looking at a device that intercepts outgoing email and quarantines it if there are SS numbers, or CC numbers, dates of birth, account numbers, etc. I assume every company will start investigating these types of systems as more and more of this happen.

---

Let me know what you find on that. Ill be curious about its reliability.

Quote:

---

Originally Posted by ColoradoClone

The story is either completely false, or completely incomplete. The stuff they're talking about cannot accidently get sent to a .com email address.

---

unless they're accidentally typing in that .com e-mail address (when they should be typing in a .mil or .gov address).

For instance, whitehouse.gov and whitehouse.com are completely different websites...

Quote:

---

Originally Posted by jdoggivjc

unless they're accidentally typing in that .com e-mail address (when they should be typing in a .mil or .gov address).

For instance, whitehouse.gov and whitehouse.com are completely different websites...

---

This didn't happen.

Quote:

---

Originally Posted by brianhos

We are actually looking at a device that intercepts outgoing email and quarantines it if there are SS numbers, or CC numbers, dates of birth, account numbers, etc. I assume every company will start investigating these types of systems as more and more of this happen.

---

Would that slow down my money that the Nigerian prince is sending me, or will I still get it, since I do my computing at home?

Again, I will revalidate what has been said before. This is a completely misrepresented report. The secure and unsecure networks are entirely separate. They do not touch at any point.

You cannot just accidentally send an e-mail from one to another. In fact, you cannot ON PURPOSE send an e-mail from one to the other.

Being an Active Duty Air Force Officer, in the computer field. I highly doubt that this is true. You can't just send classified information out of an AF network. That is all I can elaborate.

So, putting on my evil thinking cap, what's the chance this is deliberate misinformation, or BOGINT, for short?

Stranger things have happened.

Quote:

---

Originally Posted by ColoradoClone

The story is either completely false, or completely incomplete. The stuff they're talking about cannot accidently get sent to a .com email address.

---

I hadn't seen anything in any of the reports that would have been "classified" other than For Official Use Only, which, while still isn't good, isn't exactly the end of the world. If there were e-mails classified above FOUO, the reaction from Mildenhall would have been much much bigger.