Eweek reports that last September cyber criminals broke into DOE (Department of Energy) made off with a file containing the names and Social Security numbers of 1,500 people working for the Energy Department’s nuclear weapons agency.
In a very similar fashion to the blunder at Veterans Affairs, senior officials were informed only two days ago, officials told a congressional hearing Friday. None of the victims was notified, they said.
Brooks acknowledged that no attempt was made to notify the individuals until now. He declined to elaborate because of security concerns, but indicated he could tell the lawmakers more in the closed session.
“If somebody got that information from your file, wouldn’t you be a little concerned if nobody told you?” Rep. Diane DeGette, D-Colo., asked Brooks.
“Of course I would,” he replied.
The Energy Department spends $140 million a year on cyber security, Gregory Friedman, the DOE’s inspector general, told the committee. But he said that while improvements have been made, “significant weaknesses continue to exist,” making the unclassified computer system vulnerable to hackers.