Sensitve DHS briefings leaked through Energy system

Because of an apparent security glitch at the Energy Department, dozens of sensitive Homeland Security Department documents have been available on a public Internet site for several days.

The documents cover five months' worth of "Morning Briefings" sent to federal and state law enforcement agencies?including the FBI , CIA and White House?by DHS.

The briefings provide daily summaries of law enforcement actions directed at thwarting terrorist activities within the United States, and they include details such as names and possible terrorist operations. Marked "for official use only," the government does not make such information public or allow its posting to public Web sites.

DHS spokeswoman Michelle Petrovich said the vulnerability on the Energy Web site was found and dealt with promptly and DHS has taken other steps to protect the reports.

"We changed the way we share information with our federal partners," Petrovich said. "Now they come to us, to a special portal, to access information."

Mike Waldron, a spokesman in Energy secretary Spencer Abraham's office, said access to an internal DOE Web site was "an error of misconfiguration [that] allowed this document to be accessed."

The public site for the department's Energy Assurance Office, the source of the leak, has been put back up, but the internal site is still offline, Waldron said. "DOE security is running tests on the site," he said, adding, "There's potential for possible additional security on that site."

To that end, the employee responsible for the site is "actually going through significant and rigorous security training in addition to the mandatory training" Energy requires on security, he said.

The system flaw meant "someone could read [the briefings] legitimately," said John Loftus, a former Justice Department prosecutor who now is a consultant to former intelligence employees. Loftus said the leaks would be a topic at next month's Intelcon, an intelligence conference in Arlington, Va.

The Web site that posted the documents, www.cryptome.org, reported that the system flaw at Energy originally was in the department's Energy Assurance site. Cryptome.org also reported that a person claiming to be an Energy contractor contacted it Jan. 19 and asked if the documents could be removed. The Web site administrator refused to do so.

DHS will continue to share sensitive information with federal, state and local partners, Petrovich said, while encouraging agencies to take proper security measures to protect the data.

"The public dissemination of detailed information only hinders our ability to protect our citizens," she said.

Energy did not immediately return a reporter's calls for comment.

Susan M. Menke and Mary Mosquera contributed to this story.

Editor's note: An earlier post of this story characterized the documents as classified. Although the use of the for-office-use-only designation restricts the release of documents publicly, it is not technically a government classification level.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.