Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nuclear Agency Worker Information Hacked

Posted by ryuzaki0 on from the does-that-seem-unusually-bad-to-anyone-else dept.

Juha-Matti Laurio writes to mention a Reuters report about a fairly worrying case of identity theft. A determined hacker gained access to the U.S. National Nuclear Safety Administration's records and made off with the information for over 1,500 employees and contractors. From the article: "The incident happened last September but top Energy Department officials were not told about it until this week, prompting the chairman of the House of Representatives Energy and Commerce Committee to demand the resignation of the head of the NNSA. An NNSA spokesman was not available for comment."

3 of 112 comments (clear)

  1. Why aren't laws in place.... by Crasoum · · Score: 4, Informative

    Why aren't laws in place that REQUIRE, on a FEDERAL level people to report to the Attorney General, the company(s) involved with the theft, and the actions taken? California has something close to it, but something nation wide would be nice for the FASTEST growing crime in the US. http://www.usps.com/postalinspectors/idthft_ncpw.h tm. (source)

    The excuse they used that "We thought they knew" is total crap, you'd figure when the head of NNSA says to the ED "Oh hey, we had a security breach where information on 1500 people was stolen, just so you know" Bodman would say "Woooh there, what have you done about it?" as opposed to you know, saying "Mm kay, how about them bears?" and brushing it off...

  2. Confessions of an NNSA contractor by Anonymous Coward · · Score: 5, Informative

    This story reports things quite out of context, the more I find myself directly involved with things in the news, the more I realize its all bullshit.

    Here's the actual scoop, I work as an incident response investigator for the NNSA. There are two issues being confused and placed into one, there was an incident last September, it continues on now as a series of incidents that all mesh together as being from the same source- why haven't there been arrests and such? because it requires the cooperation of the foreign nation in question. Last month a service center in new mexico was broken into as part of the larger incident. This was a result of an attack using zero-day that at the moment is still unpatchable (no patch exists).

    This is what is now being reported as a result of congressional hearings that took place. The information itself was not stolen almost a year ago, but rather less than a month ago, but the incident as a whole has been going on much longer than that. Alarms went up all over the place when this occured and everyone with a need to know was informed.

    So to summarize, two related incidents, the first starting last September, and one occuring last month. The personal data was taken last month as part of the larger incident but is being reported as the data was stolen in september, which is incorrect.

  3. HAVE YOU SEEN THIS LIST?! by mycall · · Score: 3, Informative

    http://www.privacyrights.org/ar/ChronDataBreaches. htm whoa is right