A Navy officer stationed in Iraq “deliberately and without authorization” used an NSA database to try to pry into the mobile phone of her boyfriend’s son, according to a top secret NSA inspector general report obtained by BuzzFeed News.

The 2014 report — one of dozens the NSA just declassified in response to a Freedom of Information Act lawsuit — provides a rare, behind-the-scenes look into how the spy agency responded to an instance of illegal surveillance on an American citizen.

The Navy officer did not access the phone data — she was halted by a warning signal. But the inspector general’s report says the officer, whose name was redacted, violated federal regulations and a presidential executive order designed to protect Americans from being spied on by intelligence agencies without a warrant.

The NSA took swift action. The officer was placed on administrative duty, prohibited from entering the classified intelligence collection facility in Iraq and stripped of access to the NSA signals intelligence database. The Navy Criminal Investigative Service also launched an investigation into the matter. The outcome of that investigation has not been made public. A spokesperson for the service did not did not respond to requests for comment.

In a statement to BuzzFeed News, NSA spokesperson Mike Halbig said the agency “takes very seriously allegations of misconduct, and cooperates fully with any investigations — responding as appropriate. NSA has zero tolerance for willful violations of the agency’s authorities.”

The NSA discovered the breach in July of 2011, a month after it happened, during an audit of the signals intelligence — or SIGINT — system, the inspector general’s report says. SIGINT is intelligence gathered through the covert collection of electronic signals and communications.

According to the inspector general’s report, the Navy officer was deployed to Iraq in 2011 as part of a classified program. Information about the program was redacted from the report. Before deployment, the officer had completed two training courses on using sensitive data, including one that “covers, in detail, the rules against targeting United States persons.”

On June 4, 2011, the first day the Navy officer was granted access to the highly classified NSA signals intelligence database, she underwent a third course on how to use it. During a training exercise, she entered her boyfriend’s son’s telephone number into a search field and tried to access data covering the span of a month on the prepaid telephone number. That phone was also used by other members of her boyfriend’s family, the report said.

“She inputted the number into the SIGINT system because it was the only telephone number she could think of at the time,” the inspector general’s report says. “She could not explain why this telephone number came to mind instead of her own telephone number or any other number.”

But she did not obtain data on the phone number because when she queried the database the computer monitor “displayed a bright red warning sign.”

The Navy officer panicked. But her trainer, an Army officer, told her “not to worry” and to just clear out the various search fields on the database. She thought her training officer would report the incident, according to the report, but he didn’t. Neither did she.

After the breach was caught by the audit, the Navy officer told NSA investigators she did not intentionally target the telephone number of her boyfriend’s son. She “attempted to minimize her actions by saying her unauthorized query of a U.S. person was the result of a training accident,” the inspector general’s report states. But “her argument does not change the facts that she had been trained on the proper use of the SIGINT system before deployments, entered the specific telephone number of a U.S. person into the SIGINT system, and conducted a query of a U.S. person without proper authorization.”

The Navy officer was required to complete another training course as “part of non-punitive counseling.”