Security Breach on Capitol Hill

Jared Wade


December 1, 2009

In October, a data breach on Capitol Hill that revealed the names of at least eight lawmakers being investigated for ethics violations called into question the cybersecurity policies that exist for Congress and led House Speaker Nancy Pelosi (D-CA) to pledge an “immediate and comprehensive assessment” of how the entire legislative body handles sensitive data.

Generally, the House ethics committee does not reveal the names of representatives involved in preliminary investigations in order to protect them from unfairly being associated with impropriety. But representatives Maxine Waters (D-CA), Laura Richardson (D-CA) and up to six others were identified as targets of committee probes after a junior staffer improperly uploaded an internal document to a peer-to-peer file-sharing network, making it accessible to virtually anyone. Experts believe the file was downloaded by users in Washington, New York and even as far away as London, and the leak became public after the Washington Post published the news.

The staffer responsible was fired soon thereafter, but that provided little solace for lawmakers whose reputations can be clouded by even the specter of investigation. Richardson, who was being investigated for potential violations related to a private real estate deal, said that she had been “subjected to premature judgments, speculation and baseless distractions that will finally be addressed in a fair, unbiased, bipartisan evaluation of the facts.” Waters, who was being examined due to a meeting she arranged last year between a minority banker and federal regulators, similarly stated that she would be exonerated of any ethical wrongdoing.

Thus far, little practical progress towards implementing better safeguards has been made, and according to security experts, many other government documents, including highly classified military files, have been compromised in recent years. So while the October breach is unfortunate for those involved and represents committee operations that Representative Gary Miller (R-CA), another whose name was leaked as an investigation target, termed “ridiculous and amateurish,” the entire incident will hopefully lead to a policy that will better protect all sensitive governmental data.

Jared Wade is a freelance writer and a former editor of Risk Management.