INFO:

U.S. military officials inadvertently exposed over 300,000 emails due to their use of a promotional gift shop, GS-JJ, which is linked to China. The breach occurred when military personnel ordered custom merchandise through the third-party vendor, unaware that their sensitive data was being compromised. GS-JJ, a popular supplier for custom pins, patches, and other promotional items, was found to have vulnerabilities that allowed unauthorized access to military email addresses, potentially putting national security at risk. The issue was flagged after cybersecurity researchers discovered the exposed data, which included the personal information and email addresses of military officials. The breach revealed the growing risks associated with using foreign-based vendors, particularly when the vendors might have connections to foreign governments, raising questions about the security of sensitive government data handled by third-party companies. This incident serves as a stark reminder of the potential cybersecurity risks posed by working with third-party vendors, especially those linked to foreign entities. It highlights the importance of vetting suppliers thoroughly and ensuring that they meet strict cybersecurity standards to protect sensitive information.