The United States Department of Homeland Security (DHS) has placed several employees on administrative leave for their role in the recent exposure of a document containing detailed information on the passenger screening procedures used by Transportation Security Administration (TSA) officials at US airports.
DHS Secretary Janet Napolitano told members of the Senate Judiciary Committee this morning that the breach was caused by a contract worker who failed to properly redact sensitive information from the document before posting it on a publicly accessible federal government Web site.
The contract worker and immediate supervisors have been placed on leave while the matter is investigated by DHS Inspector General Richard Skinner and by the TSA's Office of Inspections, Napolitano told the committee. Her comments came during testimony for a previously scheduled hearing when she was asked about the data breach.
Responding to those questions, Napolitano reassured the committee that the security of the travelling public had not been compromised. "We have already initiated personnel actions against the individual involved. We have already instituted an internal review to see what else needs to be done," to prevent similar incidents in future, she said.
Napolitano also said she has ordered a department-wide review to ensure that the DHS is being "rigorous and very disciplined" about what it posts online.
Her comments come amid widespread concerns over the security lapse, which resulted in a TSA manual detailing sensitive procedures for airport passenger and luggage screening being publicly posted. The document was posted as part of a TSA contract solicitation process on the Federal Business Opportunities Web. A blogger discovered the manual on Sunday and posted links to it on his Web site. Though the original document has since been removed by the TSA, numerous copies of it are freely available on the Web.
The exposed material included details on TSA procedures for screening passengers, special rules for handling the CIA, diplomats and law enforcement officials and the technical settings and tolerances used by metal and explosive detectors used at airports. It also included information on the frequency with which checked bags are to be hand-screened for explosives, the names of 12 countries whose citizens are automatically sent to secondary screening and a list of items for which screening is not always required.
Each page of the document warns that the information is sensitive and should be only released on a "need to know" basis.
The TSA itself has maintained that the document was outdated and has downplayed the seriousness of the data.
Sen. Susan Collins (R-Maine) ranking member of the Senate Committee on Homeland Security yesterday called the gaffe "shocking" and said the information "provides a road map to those who would do us harm."
Other senators today expressed similar concerns during a previously scheduled hearing on intelligence reform and terrorism prevention. Sen. John Ensign (R-Nev.) called the breach a "serious matter" and asked DHS Assistant Secretary for Policy David Heyman whether the people who authorized the posting had also been put on administrative leave.
"We do not want a scapegoat here," Heyman said.
Find your next job with computerworld UK jobs