Congress

Senate Dem wants answers on reported Booz Allen leak

Claire McCaskill 

Sen. Claire McCaskill wants a prominent government contractor to answer allegations of security breaches.

The ranking member of the Senate Homeland Security and Government Affairs Committee wants answers from Booz Allen Hamilton about its security posture and ability to manage sensitive intelligence data.

In the wake of reports that an employee of the government contractor could be involved in another leak of sensitive information, Sen. Claire McCaskill (D-Mo.) wrote a letter to the company's CEO, Horacio Rozanski, asking about its ability to protect government data.

On May 24, a cyber risk analyst at UpGuard discovered sensitive federal data in an unsecured Amazon Web Services S3 bucket, apparently uploaded by a Booz Allen employee. The information was related to the National Geospatial-Intelligence Agency and could have been uploaded inadvertently.

Specifically, McCaskill asked Rozanski about the steps the company has taken to investigate how the information became available on a publicly accessible server, if it has determined whether any internal policies or protocols were violated and what actions the company has taken against those responsible for the breach.

The reported leaks raise "questions about the security protocols that [the company] has in place to prevent these types of occurrences," she wrote. "This is just the latest incident where [the company's] ability to manage sensitive information has come into question, including the theft of classified information by… [Booz Allen] employees working under federal contracts."

Edward Snowden and Hal Martin, contractors whose names have become synonymous with leaking sensitive information, were also Booz Allen contractors.

"It's of vital importance that no one can gain unauthorized access to national security information -- but Booz Allen Hamilton put passwords and other sensitive information out there for the world to see," McCaskill said in a statement. "This isn't the first serious incident involving this company, and it's critical we understand what they're doing to end this pattern."

The senator requested a response by July 26.

About the Author

Chase Gunter is a former FCW staff writer.

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.