The personal data of more than 21,000 US Marines, sailors, and civilians was exposed after an email containing confidential information was accidentally sent to the wrong email distribution list.
According to Marine Forces Reserve spokesman Major Andrew Aranda, affected data included “highly sensitive data such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing addresses, residential addresses and emergency contact information.”
It was very quickly noticed and email recall procedures were implemented to reduce the number of accounts that received it.
The Marine Corps takes the protection of individual Marines’ private information and personal data very seriously, and we have steps in place to prevent the accidental or intentional release of such information. We will make any required changes to better safeguard how we collect and store data to prevent this incident from happening again.
Steps have been taken to reduce the impact of the breach, and the Marine Corps is prepared to make the necessary changes to prevent similar incidents in the future. However, the fact that it happened in the first place is concerning.
Although the breach is an example of human error rather than malicious intent, it reiterates the importance of training staff to ensure confidential information is handled appropriately. Staff need to be aware of the risks that their actions carry and the effect they can have. Preventable data breaches can incur fines and result in reputational damage among customers and stakeholders. Even accidental breaches risk information falling into the wrong hands and being used maliciously.
Educate your staff
Our Information Security Staff Awareness E-Learning Course will give your staff a better understanding of what is expected of them. The course will advise them on how to avoid becoming a security liability, introduce them to internal policies on incident reporting and responses, and provide basic knowledge of information security best practice to reduce preventable mistakes.