Congress

Senate Dem wants answers on reported Booz Allen leak

Claire McCaskill 

Sen. Claire McCaskill wants a prominent government contractor to answer allegations of security breaches.

The ranking member of the Senate Homeland Security and Government Affairs Committee wants answers from Booz Allen Hamilton about its security posture and ability to manage sensitive intelligence data.

In the wake of reports that an employee of the government contractor could be involved in another leak of sensitive information, Sen. Claire McCaskill (D-Mo.) wrote a letter to the company's CEO, Horacio Rozanski, asking about its ability to protect government data.

On May 24, a cyber risk analyst at UpGuard discovered sensitive federal data in an unsecured Amazon Web Services S3 bucket, apparently uploaded by a Booz Allen employee. The information was related to the National Geospatial-Intelligence Agency and could have been uploaded inadvertently.

Specifically, McCaskill asked Rozanski about the steps the company has taken to investigate how the information became available on a publicly accessible server, if it has determined whether any internal policies or protocols were violated and what actions the company has taken against those responsible for the breach.

The reported leaks raise "questions about the security protocols that [the company] has in place to prevent these types of occurrences," she wrote. "This is just the latest incident where [the company's] ability to manage sensitive information has come into question, including the theft of classified information by… [Booz Allen] employees working under federal contracts."

Edward Snowden and Hal Martin, contractors whose names have become synonymous with leaking sensitive information, were also Booz Allen contractors.

"It's of vital importance that no one can gain unauthorized access to national security information -- but Booz Allen Hamilton put passwords and other sensitive information out there for the world to see," McCaskill said in a statement. "This isn't the first serious incident involving this company, and it's critical we understand what they're doing to end this pattern."

The senator requested a response by July 26.

About the Author

Chase Gunter is a former FCW staff writer.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected