Congress

Senate Dem wants answers on reported Booz Allen leak

Claire McCaskill 

Sen. Claire McCaskill wants a prominent government contractor to answer allegations of security breaches.

The ranking member of the Senate Homeland Security and Government Affairs Committee wants answers from Booz Allen Hamilton about its security posture and ability to manage sensitive intelligence data.

In the wake of reports that an employee of the government contractor could be involved in another leak of sensitive information, Sen. Claire McCaskill (D-Mo.) wrote a letter to the company's CEO, Horacio Rozanski, asking about its ability to protect government data.

On May 24, a cyber risk analyst at UpGuard discovered sensitive federal data in an unsecured Amazon Web Services S3 bucket, apparently uploaded by a Booz Allen employee. The information was related to the National Geospatial-Intelligence Agency and could have been uploaded inadvertently.

Specifically, McCaskill asked Rozanski about the steps the company has taken to investigate how the information became available on a publicly accessible server, if it has determined whether any internal policies or protocols were violated and what actions the company has taken against those responsible for the breach.

The reported leaks raise "questions about the security protocols that [the company] has in place to prevent these types of occurrences," she wrote. "This is just the latest incident where [the company's] ability to manage sensitive information has come into question, including the theft of classified information by… [Booz Allen] employees working under federal contracts."

Edward Snowden and Hal Martin, contractors whose names have become synonymous with leaking sensitive information, were also Booz Allen contractors.

"It's of vital importance that no one can gain unauthorized access to national security information -- but Booz Allen Hamilton put passwords and other sensitive information out there for the world to see," McCaskill said in a statement. "This isn't the first serious incident involving this company, and it's critical we understand what they're doing to end this pattern."

The senator requested a response by July 26.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.