Pentagon refuses to say if leaked data were seized by rivals: Report

• 

The Pentagon kept a server containing hefty sensitive internal records completely unsecured for several weeks, a TechCrunch report revealed on Tuesday.

According to the report, the unprotected server reportedly contained around three terabytes of internal Pentagon emails, including those from the US Special Operations Command (USSOCOM).

"A misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address," the website explained.

It claimed that the data spill, most likely caused by human error, was patched after a researcher named Anurag Sen told TechCrunch about the matter, which, in turn, alerted the US government.

Among the exposed files were SF-86 forms, which contain health and other personal data provided by US government employees seeking clearance to handle classified information, TechCrunch highlighted.

The incident drew comparisons to a 2015 incident in which millions of US Office of Personnel Management files were allegedly seized by Chinese hackers.

Despite being informed of the data spill on Sunday morning, the USSOCOM fixed the leak on Monday evening, the website pointed out.

TechCrunch quoted USSOCOM Spokesperson Ken McGraw as saying that an investigation into the matter is underway, claiming, "We can confirm at this point is no one hacked U.S. Special Operations Command’s information systems."

"It’s not known if anyone other than Sen found the exposed data during the two-week window that the cloud server was accessible from the internet," as per the website.

The Pentagon refused to say whether it has the technical ability to detect any evidence of improper access or data exfiltration from the database.

Read more: Pentagon admits problems recruiting young Americans to US army: Report