The very first one involves the CBP agent forwarding all of his email to a personal account, but messing up the configuration, so that it actually forwarded to someone else‘s Gmail account (someone with a similar name) — and this mistake was only noticed when this „civilian“ responded to an email he had received via this forwarding, and the response was sent to a wider mailing list of Homeland Security employees