US National Security Agency (NSA) Data Breach (2008)

In 2008, the NSA OIG was notified that a SIGINT audit had discovered a possible violation of USSID 18. An investigation revealed that, while reviewing the communications of a valid intelligence target, the subject determined that the intelligence target had a relative in the U.S. The subject queried the SIGINT system for the email address of the intelligence target in 2008 and used other search terms to obtain information about the target's relative.