U.S. Marine Corps officials are investigating after the personal information of approximately 39,000 personnel including Marines, sailors and civilians working within the Department of Defense was involved in a data breach discovered May 12.
The Marine Corps said the breach occurred when an unencrypted email was sent from within Camp Pendleton-based Combat Logistics Regiment 17, part of the 1st Marine Logistics Group, to administrators of the Defense Travel System.
The unencrypted email sent May 9 contained variations of personal information including the full names, last four digits of Social Security numbers, and contact information of personnel, including phone numbers, email addresses as well as residential and mailing addresses, according to a May 19 notification letter sent by J. S. McCalmont, the Commanding Officer of Combat Logistics Regiment 17.
The letter also advised account and routing numbers for affected personnel's checking and savings accounts were included in the breach.
Get San Diego local news, weather forecasts, sports and lifestyle stories to your inbox. Sign up for NBC San Diego newsletters.
"At this time, there is no indication that any PII (personally identifying information) has gone outside of official government channels," a Marine Corps spokesperson wrote in a statement to NBC 7.
Leaders of the 1st Marine Logistics Group are "proactively reaching out to individuals who may have been affected by this incident, the statement added.
"We regret this unfortunate development and any inconvenience or undue concerns this may cause," McCalmont wrote in closing his letter, adding "Additional security measures are being implemented to prevent further unauthorized disclosures and we are adopting new protocols to ensure all PII is protected."