Common typo causes millions of emails intended for members of the US military to be sent to accounts in Mali

Millions of emails intended for Pentagon employees were inadvertently sent to email accounts in Mali over the last decade because of typos caused by the similarity of the US military's email address and the domain for the West African country, according to a Dutch technologist who discovered the problem.

In some cases, sensitive information like hotel reservations for senior US military officials were revealed.

The emails were intended for owners of ".MIL" email accounts - the internet domain owned by the US military - but because of typos they were instead sent to the .ML domain, which handles email accounts in the West African country of Mali.

The email mishap reveals the security risks to US national security officials that can arise from an innocent typo. The personal information in the emails could be used to conduct targeted cyberattacks or to track the movements of Pentagon personnel - although there's no evidence that happened in this case.

The Financial Times first reported on the issue.

Johannes "Joost" Zuurbier, a Dutch internet entrepreneur, received the emails because his company was contracted to manage the .ML domain. Since 2013, Zuurbier said, he has raised the issue with various US officials, including the US Embassy in Mali earlier this year.

"Yes, I was concerned, still am!" Zuurbier said in an email to CNN when asked about possible security risks and the misdirected emails.