WASHINGTON Feb 4 The U.S. Department of
Energy's electronics network was attacked by hackers in
mid-January but no classified data was compromised, the agency
said in a letter to employees.
The attack "resulted in the unauthorized disclosure of
employee and contractor Personally Identifiable Information,"
the Energy Department said in the letter, which was received by
employees at its headquarters in Washington late on Friday and
obtained by Reuters on Monday.
The department said it was working with federal law
enforcement to gather more information on the nature and scope
of the attacks and assess the potential impact on staff and
contractors. "Based on the findings of this investigation, no
classified data was compromised," the letter said.
Government agencies are required to disclose details when
confidential personal data has been hacked. But there are no
laws requiring them to disclose information when classified data
is raided by hackers.
It was not clear which divisions at the agency's
headquarters were breached in the attack, and it was also
uncertain who the hackers were or where they were based.
A department spokesman declined to comment, and a spokesman
for the Energy Information Administration, which publishes data
that helps keep oil, gas and electricity markets stable,
deferred to DOE headquarters.
Government agencies and contractors handling classified
information are supposed to use special safeguards to protect
classified information from disclosure.
The most highly classified information, such as intelligence
information, is supposed to be stored on systems that are
completely isolated from the Internet.
Over the years, flaws in the systems for handling classified
information have emerged, however. In the past, Energy
Department installations that design and build nuclear weapons,
including the Los Alamos National Lab in New Mexico, have faced
scandals over alleged mishandling of classified information.
In 2006, for example, after raiding a house trailer
containing a suspected small methamphetamine lab, local police
found three computer memory sticks containing classified
information downloaded from the Los Alamos lab's computers.
One of the largest security scandals in modern U.S. history,
the leaking of hundreds of thousands of State Department cables
and military reports to the website WikiLeaks, allegedly
occurred because, in an effort to share intelligence more widely
with operations in the field, agencies sent classified reports
electronically to battlefield intelligence units, where data
protection measures were lax.
Among the material obtained by WikiLeaks, however, not a
single document that has surfaced to date was classified higher
than "secret" - a fairly low-grade classification. Intelligence
officials were not particularly alarmed by the WikiLeaks leaks
because none of their truly sensitive material was leaked.
In late 1999, a Los Alamos nuclear weapons scientist born in
Taiwan, Wen Ho Lee, was arrested and indicted for allegedly
mishandling classified information from the lab. However,
prosecutors ultimately dropped all but one charge against him,
to which he pleaded guilty, and the case ended with Lee
receiving settlement payments from the government and some news
The Energy Department said in its letter that it was
increasing monitoring across its networks and deploying tools to
protect sensitive assets.