UC fined for Los Alamos breach

The U.S. Department of Energy proposed fining the University of California $3 million due to “management deficiencies” that resulted in a security breach at Los Alamos National Laboratory last year.

The UC managed the lab, one of three nuclear-weapons labs in the country, until 2006, and now comanages Los Alamos along with several other companies.

In October 2004, classified information including thousands of pages of documents and several computer storage devices from the lab were found in a trailer, apparently having been removed by a Los Alamos employee. The Department of Energy opened an inquiry into the incident and on Friday announced that management failures were responsible for the security breach.

University officials were not immediately available to comment on the potential implications of the fine.

The $3 million civil penalty is the largest the Department of Energy has ever assessed, according to a statement issued by the department.

The lab’s new management group, which includes the UC, is also facing fines of $300,000 in addition to the $3 million the UC has to pay.

“Investigators revealed that management deficiencies by both (lab management groups) were a central contributing factor (to the security breach),” the Department of Energy’s statement read.

The UC is being fined because investigators found that major security vulnerabilities appeared and went uncorrected while the university was managing the lab.

For example, investigators concluded that the UC “failed to correct a known vulnerability” by not properly monitoring access to and security of classified documents.

The university and the new lab management group have 30 days to respond to the findings, and may still then challenge them in court.

But, in a statement released Friday, Los Alamos acknowledged the inquiry’s conclusions and highlighted steps lab officials are taking to tighten security.

“The lab … has in fact already taken steps to address many of the findings,” Los Alamos officials said in a statement.

One of the major security upgrades the lab has undergone is the certification of a “Super Vault-Type-Room,” so classified material can be consolidated in a secure location.

The statement also noted that lab employees entering areas containing classified material are subject to searches, and training and policies have been updated to improve accountability.

In addition to fines, the Department of Energy issued a compliance order requiring the lab’s new management group to make certain security improvements in accordance with a set timetable.

In their statement, lab officials concurred and said they were continuing to upgrade security.

“Because security at the laboratory involves everyone, one of the most important long-term efforts is involving employees and listening to their ideas and concerns about how best to get the work done securely,” the lab said in the statement.

The October 2004 incident was not the first security breach at Los Alamos. Wen Ho Lee, a former scientist at the lab, was accused in 1999 of leaking nuclear secrets to China. And two years ago, two computer disks from the lab were reported missing, an incident which later proved to be simply an inventory error. The same year, an intern was injured in a laser accident, prompting Los Alamos to close for a year.

With reports from Bruin wire services.

Leave a comment

Your email address will not be published. Required fields are marked *