By Dan Goodin in San Francisco
3rd March 2008
A website promoting the town of Mildenhall has been shut down after it
unintentionally became the recipient of hundreds of classified emails,
including messages detailing the planned flight path of President Bush.
Over more than a decade, www.mildenhall.com received emails detailing
all kinds of secret military information that were intended for official
Air Force personnel. One detailed where Air Force One could be found in
the air during a planned visit to the region by President Bush. Others
included battlefield strategy and passwords.
"I was being sent everything from banal chat and jokes, to videos up to
15mb in size," Gary Sinnott, owner of mildenhall.com, said in this
article in EDP 24. "Some were classified, some were personal. A lot had
some really sensitive information in them."
As owner of mildenhall.com, Sinnott received every email that had that
domain name included in the address field. The site was set up to
provide information about the town of Mildenhall, which is about a
half-hour's drive north east of Cambridge.
Sinnott says he brought the SNAFU to the attention of Air Force
officials but was never able to get the problem fixed. At first, they
didn't seem to take the matter seriously, but eventually, they "went
mental," he said. Officials advised Sinnott to block unrecognizable
addresses from his domain and set up an auto-reply reminding people of
the address for the official air force base.
But still, the official emails continued to flow in to Sinnott's site.
And to make matters worse, some people got angry after Sinnott told them
they were sending email to the wrong address and gave his address to
spammers. Sinnott was receiving 30,000 pieces of email per day, most of
which was junk mail.
So Sinnott pulled the plug on the website. Though he remains the owner
of mildenhall.com, it may only be a matter of time before all those
emails incorrectly addressed to Air Force personnel at mildenhall.com
automatically begin to bounce. And that ought to make security conscious
people everywhere breath a little easier.
Alas, according whois records, mildenhall.net and mildenhall.org are in
the hands of non-military individuals and mildenhall.us is available to
anyone with $35. Given what we now know about the boobs who send
confidential information, that ought to give us pause.
Subscribe to InfoSec News