(NewsNation) — A simple typo could have sent national security information as military emails were mistakenly sent to Mali, a Russian ally, and the problem has been going on for a decade.

Millions of emails were misdirected when people used the domain suffix .ml instead of .mil, which is used in all military email addresses. While the military has the .mil domain, .ml belongs to Mali, which has a Russian presence thanks to the mercenary Wagner Group, which has used the country to route supplies to Ukraine.

First reported in the Financial Times, the issue isn’t a new one. Johannes Zuurbier, an internet entrepreneur who was contracted to manage Mali’s country domain, said he had received tens of thousands of misdirected emails since 2013.

When Zuurbier’s contract ended, the government of Mali gained access to those emails. Zuurbier set up a system to catch the emails that were routed to non-existent domains, like army.ml and reportedly tried to warn the U.S. government of the issue for years.

While classified information is sent on separate servers and does not appear to have been affected, there were still emails with sensitive information, including medical information, passwords and itineraries for senior officers.

According to Deputy Pentagon Press Secretary Sabrina Singh, none of the emails were sent from within the military but came from outside accounts, including Gmail and Yahoo addresses.