In a recent revelation, it has emerged that the Ministry of Defence (MoD) has identified 55 emails that were incorrectly sent to the .ML top-level domain, which belongs to the African nation of Mali, since January 2022.
The information came to light in a response to a written parliamentary question.
“The Ministry of Defence takes the security of our people, our information and our systems very seriously. While all sensitive information is shared on systems which would prevent such misdirection, policies are put in place on all email systems to minimise the risk of such mistakes,” stated Andrew Murrison, The Parliamentary Under-Secretary of State for Defence.
Further clarifying, he mentioned, “Investigations are still ongoing however to date, we have identified 55 emails that have been sent to the .ML top level domain since January 2022. Of these, it is assessed that 15 were misdirected emails, that were destined for a .MIL address. We are confident that this small number of emails did not contain any technical data or information that could compromise operational security. Seven of these were sent in 2022, and eight in 2023.”
For context, over the past ten years, many emails that were intended for the .mil US military addresses were mistakenly directed at .ml addresses due to a single-character error.
This mishap potentially redirected sensitive data like medical records, identity documents, and maps of military installations, although not all such emails reached their unintended .ml recipients.