WASHINGTON -- A hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department's nuclear weapons agency. But in the incident in September, somewhat similar to recent problems at the Department of Veterans Affairs, senior department officials were told only two days ago, officials testified during a congressional hearing yesterday. None of the victims was notified, they said. The data theft occurred in a computer system at a service center belonging to the National Nuclear Security Administration in Albuquerque. The file contained information about contract workers throughout the agency's nuclear weapons complex, a department spokesman said. Linton Brooks, an administrator at the agency, said during a House hearing that he learned of the security breach late in September, but did not inform Energy Secretary Samuel Bodman about it. It had occurred earlier that month. Brooks blamed a misunderstanding for not informing either Bodman or Clay Sell, the deputy energy secretary . Brooks's agency is a semiautonomous organization within the department, and he said he assumed DOE's counterintelligence office would have briefed the two senior officials. ``That's hogwash," Representative Joe Barton, chairman of the Energy and Commerce Committee, told Brooks. ``You report directly to the secretary. You meet with him or the deputy every day. . . . You had a major breach of your own security, and yet you didn't inform the secretary." Bodman first learned of the theft two days ago, according to Craig Stevens, his spokesman. The House Energy and Commerce oversight and investigations subcommittee learned of the security lapse Thursday evening on the eve of its hearing on DOE cybersecurity, said Representative Ed Whitfield, a Kentucky Republican who is chairman of the panel. Although the compromised data file was in the nuclear security agency's unclassified computer system -- and not part of a more secure classified network that contains nuclear weapons data -- the DOE officials would provide only scant information about the incident during the public hearing. Brooks said the file contained names, Social Security numbers, birth dates , a code indicating where the employees worked, and codes showing their security clearances. A majority of the individuals worked for contractor, and the list was compiled as part of their security-clearance processing, he said.
