Apr 19, 2007

House panel schedules 13th hearing

ROGER SNODGRASS Monitor Assistant Editor
Thursday, April 19, 2007


Los Alamos National Laboratory Director Michael Anastasio will return to Washington for a return engagement with a House oversight subcommittee on Friday.

The committee has invited Anastasio, along with Energy Secretary Samuel Bodman and the Department of Energy Inspector General, to provide testimony on an ongoing investigation into "Mismanagement at Los Alamos National Labs."

A press announcement by the Oversight and Investigations Subcommittee release on Tuesday said Bodman would be asked to account for security information leaks and inadequate background investigations, and what would be done to correct a history of security problems.

Bodman will also be asked about issues related to a strike that began Monday at the Pantex Plant in Texas. A contingent of Los Alamos security managers was dispatched to Amarillo to replace striking guards.

The press release raised a new issue that came to light in March when it was discovered that a defunct LANL subcontractor, Lujan Software Services, posted lab-related personal information on a website. The information was said to have included the names and social security numbers of approximately 550 individuals, including former and current employees.

Kevin Roark, a laboratory spokesperson, said this morning that the "personally identifiable information" was discovered by the laboratory in a legacy website that was nine years old.

"This was not a security infraction, but rather a legacy issue," he said.

The company had used the lab's information as "dummy data" to demonstrate how the company's software worked, he said.

"We took immediate action to make certain this website came down, then immediately notified the 550 people whose information was compromised," Roark said. "It was not an active web site and it was difficult to find. If you did find it, the personal information was buried and that led us to believe the potential for compromise was very low."

The software company has not been in business for the last two years.

Anastasio last testified before the committee on Jan. 30. He returned to Los Alamos and embarked on a round of meetings with managers, employees and the community to underline the seriousness of the issues under consideration by the subcommittee.

Concerning Anastasio's testimony in Washington, Roark said, "He intends to update the subcommittee to bring them up to speed on all that we have accomplished in cybersecurity improvement in the last few months."

3 comments:

Pinky and The Brain said...

"This was not a security infraction, but rather a legacy issue,"

We're guessing the distinction is lost on approximately 550 individuals, including former and current employees.

Anonymous said...

I don't think that "Legacy Issue" will fly. Remember, all the people responsible for this oversight are, at the moment, still in charge.
Prepare for some consequences.

Anonymous said...

Has anyone ever tried to find out what happened to all the every-five-year security questionaires that DOE somehow lost across the canyon a few years ago? More than just SSNs on those. Just one of the prices paid to work in association with the DOE, evidently.