The Latest / Data Security News

US Marines Data Security Breach Caused by Lack of Encryption

March 13, 2018

The details of roughly 21,000 people have potentially been compromised in a data security breach emanating from the US Marine’s travel department. This is an example of how when things go wrong internally, it can be just as dangerous as a malicious attack.

US Marine Data Security Breach Caused by Lack of Encryption

What happened in the Data Security Breach

The data security breach stems from the Defense Travel System department. They organize military and civilian defense personnel’s travel itineraries and expenses on official authorized trips. Unfortunately, the department sent an unencrypted email to the wrong distribution list. The email had a document attached that contained the personal details of thousands of people, including marines, sailors and civilians.

The document contained information such as: social security numbers; banking and payment information; residential addresses; and emergency contact information. It’s the kind of information that could be very dangerous in the wrong hands. Maj. Andrew Aranda said the leak was an accident and had no sign of malicious intent. He said:

“The Marine Corps takes the protection of individual Marines’ private information and personal data very seriously… It was very quickly noticed, and email recall procedures were implemented to reduce the number of accounts that received it.”

Just how many wrong email addresses the email was sent to is unknown, but hopefully, the department’s subsequent reach out would have been followed and those who received it would have deleted the information by now.

How Global Data Sentinel would combat a Data Security Breach

Everyone has sent the wrong email to the wrong place, we’ve all made that mistake, but not everyone has done it and caused a major data security breach at the same time. Here at Global Data Sentinel, we give organizations a security platform that helps minimize and prevent such errors.

The biggest criticism that could be levied at the department responsible for the leak was the lack of encryption on the email sent. Global Data Sentinel through Protected Sharing let’s organizations remain in control of their sensitive data even when shared outside the organization. Encryption that follows your data allows for complete control. with Global Data Sentinel, organizations can revoke access to emails even after they have been sent. If you make a mistake, you can just simply block access to the email even after sending it by denying the recipient the encryption key to unlock the email.

You can also send attachments via email that are restricted to read-only, or perhaps have a small window of time in which it can be viewed.

Global Data Sentinel’s security ecosystem is all about giving you back control of your data at all times. Even when sending email outside of your organization, you still maintain control.