Friday, June 09, 2006

Incident: Security clearance info on nuclear contractors compromised by hacker

Not a good couple of weeks for information security in the US Government. It is now being reported that a hacker penetrated a computer system of the Department of Energy's Nuclear Weapons Agency in September, but the Secretary of Energy was not informed until last week. Here's a bit more info:

DOE computers hacked; info on 1,500 taken - Yahoo! News:

Although the compromised data file was in the NNSA's unclassified computer system -- and not part of a more secure classified network that contains nuclear weapons data -- the DOE officials would provide only scant information about the incident during the public hearing.

Brooks said the file contained names, Social Security numbers, date-of-birth information, a code where the employees worked and codes showing their security clearances. A majority of the individuals worked for contractors and the list was compiled as part of their security clearance processing, he said.

Tom Pyke, DOE's official charged with cyber security, said he learned of the incident only a few days ago. He said the hacker, who obtained the data file, penetrated a number of security safeguards in obtaining access to the system.

No comments: