Congress

Senate Dem wants answers on reported Booz Allen leak

Claire McCaskill 

Sen. Claire McCaskill wants a prominent government contractor to answer allegations of security breaches.

The ranking member of the Senate Homeland Security and Government Affairs Committee wants answers from Booz Allen Hamilton about its security posture and ability to manage sensitive intelligence data.

In the wake of reports that an employee of the government contractor could be involved in another leak of sensitive information, Sen. Claire McCaskill (D-Mo.) wrote a letter to the company's CEO, Horacio Rozanski, asking about its ability to protect government data.

On May 24, a cyber risk analyst at UpGuard discovered sensitive federal data in an unsecured Amazon Web Services S3 bucket, apparently uploaded by a Booz Allen employee. The information was related to the National Geospatial-Intelligence Agency and could have been uploaded inadvertently.

Specifically, McCaskill asked Rozanski about the steps the company has taken to investigate how the information became available on a publicly accessible server, if it has determined whether any internal policies or protocols were violated and what actions the company has taken against those responsible for the breach.

The reported leaks raise "questions about the security protocols that [the company] has in place to prevent these types of occurrences," she wrote. "This is just the latest incident where [the company's] ability to manage sensitive information has come into question, including the theft of classified information by… [Booz Allen] employees working under federal contracts."

Edward Snowden and Hal Martin, contractors whose names have become synonymous with leaking sensitive information, were also Booz Allen contractors.

"It's of vital importance that no one can gain unauthorized access to national security information -- but Booz Allen Hamilton put passwords and other sensitive information out there for the world to see," McCaskill said in a statement. "This isn't the first serious incident involving this company, and it's critical we understand what they're doing to end this pattern."

The senator requested a response by July 26.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.