- The Washington Times - Friday, June 9, 2006

ASSOCIATED PRESS

A hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department’s nuclear weapons agency.

But in the incident last September, somewhat similar to recent problems at the Veterans Affairs Department, senior officials were informed only two days ago, officials told a congressional hearing yesterday. None of the victims were notified, they said.

The data theft occurred in a computer system at a service center belonging to the National Nuclear Security Administration (NNSA) in Albuquerque, N.M. The file contained information about contract workers throughout the agency’s nuclear weapons complex, a department spokesman said.

NNSA Administrator Linton Brooks told a House hearing that he learned of the security breach late last September, but did not inform Energy Secretary Samuel W. Bodman about it.

Mr. Brooks blamed a misunderstanding for the failure to inform either Mr. Bodman or Deputy Energy Secretary Clay Sell about the security breach. The NNSA is a semi-autonomous agency within the department and Mr. Brooks said he assumed the department’s counterintelligence office would have briefed the two senior officials.

“That’s hogwash,” Rep. Joe L. Barton, chairman of the Energy and Commerce Committee, told Mr. Brooks. “You report directly to the secretary. You meet with him or the deputy every day. … You had a major breach of your own security and yet you didn’t inform the secretary.”

Mr. Bodman first learned of the theft two days ago, according to his spokesman, Craig Stevens.

“He’s deeply disturbed by the way this was handled,” Mr. Stevens said. He said Mr. Bodman has asked the department inspector general to investigate why the security breach was not made known sooner.

Mr. Barton, Texas Republican, called for Mr. Brooks’ resignation because of his failure to inform Mr. Bodman and other senior department officials of the security failure.

Mr. Brooks said the file contained names, Social Security numbers, date-of-birth information, a code where the employees worked and codes showing their security clearances. A majority of the individuals worked for contractors, and the list was compiled as part of their security clearance processing, he said.

Tom Pyke, the department’s official charged with cyber security, said he learned of the incident only a few days ago. He said the hacker who obtained the data file penetrated a number of security safeguards in obtaining access to the system.

Mr. Stevens said Mr. Bodman, upon learning of the incident, directed that the individuals be immediately told their information had been compromised.

Mr. Brooks acknowledged that no attempt was made to notify the individuals until now. He declined to elaborate because of security concerns, but indicated he could tell the lawmakers more in a closed session.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times is switching its third-party commenting system from Disqus to Spot.IM. You will need to either create an account with Spot.im or if you wish to use your Disqus account look under the Conversation for the link "Have a Disqus Account?". Please read our Comment Policy before commenting.

 

Click to Read More

Click to Hide