Deja vu all over again? DOE to workers: We've been hacked

For the second time this year, the Energy Department tells employees their personal information may have been exposed in a cyberattack.

Anne Dujmovic Former Senior Editor / News
Anne Dujmovic was a senior editor at CNET. Her areas of focus included the climate crisis, democracy and inclusive language. She believes in the power of great journalism and art, and the magic of tardigrades.
Expertise Editorial standards for writing about complex topics, from climate change to politics to misinformation. Credentials
  • Extensive journalism experience in digital media.
Anne Dujmovic
3 min read
The latest cyberattack against the DOE may have affected 14,000 people. CNET

Getting an e-mail from your employer with the subject line "Cyber Incident" usually isn't good news. Especially if you work for the U.S. Department of Energy and it's the second time this year.

The Energy Department on Wednesday notified workers that a hack in late July exposed personal information, such as the names and Social Security numbers of current and past employees, and that 14,000 people may have been affected.

According to the e-mail, obtained by the Wall Street Journal, the agency said "No classified data was targeted or compromised." The department added that it's working with federal law enforcement to find out more about the incident.

A person familiar with the matter told the Journal that hackers were able to gain access to a human resources system that included information like payroll data.

In February, the agency confirmed its computer systems' had been hacked the month before. In that e-mail to employees, the Energy Department said the hack "resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information." It also said then that "no classified data was compromised."

That incident affected several hundred people, according to the Journal. News of the earlier incident followed a string of hacks targeting The New York Times, the Washington Post, and the Journal as well as companies such as Twitter and, it was later revealed, Facebook and Apple.

The Energy Department did not say in the memo whether it knows who was behind the latest attack. CNET has contacted the department for comment. We'll update the story when we hear back.

Below is a copy of the e-mail obtained by the Journal:

Sent: Wednesday, August 14, 2013 1:13 PM
Subject: Cyber Incident

The Department of Energy has confirmed a recent cyber incident that occurred at the end of July and resulted in the unauthorized disclosure of federal employee Personally Identifiable Information (PII).

The Department is strongly committed to protecting the integrity of each employee's PII and takes any cyber incident very seriously. The Department's Cybersecurity office, the Office of Health, Safety and Security and the Inspector General's office are working with other federal law enforcement to obtain information concerning the nature of the incident. No classified data was targeted or compromised. Once the full nature and extent of this incident is known, the Department will implement a full remediation plan.

We believe about 14,000 past and current DOE employees' PII may have been affected. Individual notifications to affected current employees will begin no later than this Friday, August 16, and will be completed by August 30. While a significant number of employees whose information may have been affected may no longer be employed by the Department, it will be necessary to obtain current contact information in order to notify these personnel. The individual notification process for former employees will begin this week.

Current and former employees receiving an individual notification will be provided with additional information and offered assistance on protecting themselves from potential identity theft. The Department will offer affected personnel free credit monitoring for one year as well as provide recommendations and best practices for minimizing the potential for identity theft.

If you have any further questions, you may send an encrypted email to cyberinfo@hq.doe.gov. For further valuable information regarding protecting yourself from identity theft, and resolving identity theft if it should occur, see these websites:

http://www.ftc.gov/idtheft/ http://www.treasury.gov/services/report-fwa/Pages/id_theft.aspx.