Hackers hit U.S. Department of Energy

During a cyberattack on the agency's computers and servers, the personal data of employees and contractors is stolen, but, reportedly, no classified data is leaked.

Dara Kerr Former senior reporter
Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.
Dara Kerr
2 min read
The U.S. Department of Energy said that hackers have stolen personal data of its employees and contractors.

The U.S. Department of Energy has confirmed that its computer systems were hacked into last month. According to The New York Times, the federal agency sent around an internal e-mail on Friday telling its employees about the cyberattack.

"The Department of Energy has just confirmed a recent cyber incident that occurred in mid-January which targeted the Headquarters' network and resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information," the e-mail said.

The agency said that it is working to figure out the "nature and scope of the incident" but that so far it believes "no classified data was compromised." It's unclear which divisions within the Department of Energy were attacked or who was behind the hack.

The Department of Energy is in charge of much of the country's vital infrastructure, such as energy production, nuclear reactor production, and radioactive waste disposal. It has troves of classified and sensitive data that if leaked could be detrimental to the country's security. According to Reuters, the most highly classified information is stored on networks that aren't connected to the Internet.

The head of Homeland Security Janet Napolitano recently announced that she believes a wave of cyberattacks on U.S. infrastructure is a serious possibility. Dubbing such an event a "cyber 9/11," Napolitano warned that cyberterrorists could take down the nation's power grid, water infrastructure, transportation networks, and financial networks.

While it doesn't seem like the January cyberattack on the Department of Energy compromised any data or infrastructure, it does show that hackers were able to breach the government's computer systems. In the e-mail, the agency said it is working to fortify itself against future attacks.

"Once the full nature and extent of this incident is known, the Department will implement a full remediation plan," the e-mail said. "The Department is also leading an aggressive effort to reduce the likelihood of these events occurring again. These efforts include leveraging the combined expertise and capabilities of the Department's Joint Cybersecurity Coordination Center to address this incident, increasing monitoring across all of the Department's networks and deploying specialized defense tools to protect sensitive assets."

CNET contacted the Department of Energy for comment. We'll update the story when we get more information.