(Note language in 7th paragraph)
(Add Senate Sergeant at Arms comment)
WASHINGTON, July 18 Congressional aides in the
U.S. Senate and House of Representatives said on Thursday that
they were notified of a potential security risk involving email
and other accounts.
"There have been reports online of Senate and House email
accounts being exposed and hacked," said an email warning sent
to all Senate staff.
The memo added, "no account or data has been accessed or
stolen." But the memo warned that the posting of congressional
email addresses often leads to "future targets of spear
phishing," a type of electronic fraud targeting specific
Congressional employees were warned to forward suspicious
emails to security officials so they could be screened.
Senate Sergeant at Arms Terrance Gainer said a "hacker was
able to gain limited access to a vendor's servers" and that U.S.
Capitol Police and the FBI were investigating.
A long list of congressional email accounts, some belonging
to former employees, was posted on at least one website. Many of
the email addresses also listed what appeared to be passwords.
Gainer said those passwords were "inaccurate."
A tweet by OpLastResort warned: "Dear #Congress: We are
paying very, very close attention to how you handle #NSA #FISA &
#PRISM Don't.. Fuck.. Up...."
Washington has been roiled by last month's revelations by
former security contractor Edward Snowden of a U.S. government
data collection program called Prism. NSA is the National
Security Agency and FISA is the Foreign Intelligence
Surveillance Court that oversees federal surveillance
Some House aides received a security alert on Tuesday from
iConstituent, a private firm with offices in Washington, D.C.,
and Santa Barbara, California, which helps lawmakers communicate
with constituents, according to its website.
"We learned today of a potential security risk, which could
affect users of the Constituent Gateway eNewsletter product,"
according to the warning obtained by Reuters.
It added that a "forced password change" for all accounts
had been triggered as a precautionary measure.
IConstituent officials were not available for comment, nor
were security officials for the Senate and House.
(Reporting By Richard Cowan; Editing by Stacey Joyce)
Keywords: USA CONGRESS/EMAILS
(C) Reuters 2012. All rights reserved. Republication or redistribution of
Reuters content, including by caching, framing, or similar means, is
expressly prohibited without the prior written consent of Reuters. Reuters
and the Reuters sphere logo are registered trademarks and trademarks of
the Reuters group of companies around the world.