Microsoft Outlook was blamed for a 2015 leak of passport details of world leaders, including President Obama, according to a report in The Guardian. Here’s what happened then, how it can still happen now and what you can do to avoid the same trap.
The details where emailed to the wrong person by the Australian Dept. of Immigration who reported the breach and should be properly ashamed of themselves. The email included passport details for President Obama, UK Prime Minister David Cameron, German Chancellor Angela Merkel and all the other G20 leaders.
Luckily, the receiver realized the mistake, notified the Immigration Dept and took steps to entirely remove the wrongly addressed email from their system. More on that in a moment.
While some of the right recovery actions were taken, the decision not to advise the G20 leaders is questionable, to put it mildly. Given the high prominence of the people affected,
Part of the blame falls on Microsoft Outlook and its autocomplete feature. When typing an email address or name, a list of past addresses is displayed.
Example courtesy of Microsoft
That’s a great convenience, but also a trap as one Aussie official discovered.
It’s too easy to select the wrong name from the list. In this case, the recipient had a title starting with ‘Assistant …’ and there were probably a lot of autocomplete suggestions starting with ‘Ass…’ (no pun intended).
Turning off autocomplete is easy, and probably now compulsory in at least one Australian office.
Go to Options | Mail and scroll down to the Send Messages section:
Uncheck the option ‘Use Auto-Complete List to suggest names when typing in the To, Cc, and Bcc lines’.
You might also want to use the ‘Empty Auto-Complete List’ button to clear out the history.
Deleting the message
It’s good to see that the recipient of the message knew that simply deleting the email from Outlook wasn’t enough. Exchange Server also has a copy as we detail in When Is An Outlook Deleted Item Not Deleted?
“Subsequently, on the same day, the Asian Cup Local Organising Committee advised in writing
that <redacted> had emptied his deleted items folder and:
The retention period on – deleted items was set to 0 to purge the item completely;
There is no record of it be forwarded; and
The email was not copied to a backup as these only run overnight.
The Asian Cup Local Organising committee do not believe the email to be accessible, recoverable or stored anywhere else in their systems.“
But that didn’t go far enough. The message is probably hiding in at least two places. See G20 Leaders Passport Info Might Still Be Leaked for details.
The Outlook instance that received the message should have it’s OST data file compacted. This should truly erase any deleted records. Go to Accounts | Change | More Settings | Advanced | Outlook Data File Settings | Compact Now
Additional confirmation could have been done with a check of Outlook’s Recover Deleted Items list to confirmed that no copy was on the server. The network administrators could have searched all mailboxes to make sure there was no lingering copy of the message. For example, searching for unique text in the message or the incoming message ID that Exchange Server gives each item.
Exchange Server logs usually only have the basic details of a message (To, From, Subject etc.) not the content of the message.
There’s no mention of external add-on to the receiving Exchange Server. Many Exchange Server systems use third-party add-ons for spam filtering and anti-virus protection. In some situations, emails can be passed along to these services for checking or additional information.
And there’s the possibility that the ‘deleted’ message is still in the Exchange Server database.
The full report from the Aussie Immigration Department, as obtained by The Guardian is here.
