[ISN] Hanford workers warned about security breach

InfoSec News isn at c4i.org
Wed Jun 14 04:03:05 EDT 2006


June 13, 2006

The U.S. Energy Department has warned about 4,000 current and former
workers at the Hanford Nuclear Reservation that their personal
information may have been compromised, after police found a 1996 list
with workers' names and other information in a home during an
unrelated investigation.

The discovery marks the second time in less than a week that the
Energy Department has warned employees and its contractors' employees
that their personal information may have been compromised.

Police in Yakima discovered the list while investigating an unrelated
criminal matter, the Energy Department said, adding that the list
included the names of people who worked for a former Hanford
contractor, Westinghouse Hanford, who were transferring to Fluor
Hanford or companies under contract to Fluor Hanford in 1996.

The Energy Department awarded Fluor Hanford the contract to clean up
the highly contaminated nuclear site in December 1996.

The list also included workers' Social Security numbers and
birthdates, as well as work titles, assignments and telephone numbers.

The department began notifying workers about the discovery Sunday.  
Employees at seven companies were warned to monitor their financial
accounts and billing statements for any suspicious activity.

There was no indication that Hanford's computer network was
compromised. The Energy Department and Fluor Hanford were working with
law enforcement officials to determine how the list was obtained and
why it was in the home, the Energy Department said in a statement

"We, along with Fluor, are taking this very seriously," said Karen
Lutz, an Energy Department spokeswoman at the south-central Washington
site. "Obviously, there's a concern to get the word out, because so
many workers transfer to other contractors and other federal sites."

Also on Monday, Energy Department officials began contacting 1,502
individuals by phone to inform them that their Social Security numbers
and other information might have been compromised when a hacker gained
entry to a department computer system eight months ago.

The workers, mostly contract employees, worked for the National
Nuclear Security Administration, a semiautonomous agency within the
department that deals with the government's nuclear weapons programs.

The computer theft occurred last September, but Energy Secretary
Samuel Bodman and his deputy, Clay Sell, were not informed of it until
last week. It was first publicly disclosed at a congressional hearing
on Friday.

Following the Hanford report Monday, Sen. Maria Cantwell, D-Wash.,
demanded corrective actions to ensure that federal employees' personal
information remains secure.

"Today's news that the personal information of 4,000 Hanford workers
has been floating around in the open shows that we still have a long
way to go when it comes to keeping sensitive information out of the
wrong hands," Cantwell said.

Workers from the following companies were urged to check their
financial statements: Fluor Daniel Hanford, Lockheed Martin Hanford,
Rust Federal Services of Hanford, B&W Hanford, Numatec Hanford,
DynCorp Tri-Cities Services and Duke Engineering and Services Hanford.

More information about the ISN mailing list