Classified US military information has been mistakenly sent to Mali repeatedly, hundreds of times over the last twelve years, according to media reports from July 17.
The email was mistakenly sent after the suffix ‘.ml’ was used instead of ‘.mil’.
The misdirected emails included diplomatic documents, tax returns, passwords and the travel information of some of the US military’s top officers including Gen. James McConville, the chief of staff of the US army, according to The Telegraph.
The security breach allegedly dates back to 2011, as Mali’s domain manager Johannes Zuurbier explained to The Financial Times that he has issued numerous warnings to the US about the security risks.
The increased security risk
While there is no indication that Zuubier has utilized the information he was mistakenly made privy to, there is a growing concern for the future as Zuubier’s role will soon be taken over by a new person. The Malian government, which holds a strong relationship with the Russian government, will soon gain access to every document that has been or will be sent.
"If you have this kind of sustained access, you can generate intelligence even just from unclassified information,” Mike Rogers, a retired US Navy admiral and former director of the National Security Agency, told the Times.
“It’s one thing when you are dealing with a domain administrator who is trying, even unsuccessfully, to articulate the concern,” he said. “It’s another when it’s a foreign government that sees it as an advantage that they can use.”
Lt. Cmdr Tim Gorman, a spokesman for the Pentagon, told the Telegraph that the Department of Defense “is aware of this issue and takes all unauthorized disclosures of controlled national security information or controlled unclassified information seriously”.
He said that emails sent directly from the .mil domain to Malian addresses “are blocked before they leave the .mil domain”.