Hi, all. I have a really strange situation here.
2 weeks ago, I received an email from a mail.mil address (civ) with the subject header “My CI case reviews for the week.” The email was sent to 8 individuals who appear to work for DoD CAF and me; I think the sender intended to add a 9th DoD CAF individual (presumably my adjudicator), but instead sent the email to my government email. Bit of a mistake, that.
The email contained my SSN as well as 8 others (and was NOT encrypted), and next to each SSN was the individual’s associated level of risk. The level of risk cited next to my SSN was “medium,” with the accompanying reason being “one contact of concern’s employer.” I truly have no idea what this means. Others were deemed “high” or “low” risk.
As mentioned, I believe that this email was supposed to go to the adjudicators associated with each case. How this guy managed to send it to me – in addition to not even bothering to encrypt an email chock full of PII – is totally beyond me. But now I have it.
I am a contractor, and my company has not taken what I feel to be appropriate action. As best I can tell, our security staff hasn’t done anything to either address the sending of this rogue email or interpret its contents for me. I am deeply, deeply concerned about being labeled a “medium” risk; I applied for a Secret clearance in September 2016 and have already been removed from one job because my investigation was taking too long. If a denial comes back, I will lose this job and presumably be out of luck. I have spent 2 years working on client site at various DoD installations, and it would feel unbelievably cruel to get canned now.
I write to ask if anyone has any insight or recommendations regarding (1) what this means, and (2) how I should handle this. My company did instruct me NOT to reply to the individual from whom I received the email, and I never received any follow up - so it’s safe to say that he has no idea the mistake was made. I appreciate any and all feedback.