Sixty-nine computers are missing or were stolen from the Los Alamos National Laboratory, a nuclear weaponry research institution in New Mexico, according to an internal memo released by a government watchdog.
Last year, 80 computers went unaccounted for -- 13 stolen and 67 missing. To date, 11 have been recovered, but 69 remain missing, lab spokesman Kevin Roark told SCMagazineUS.com.
None of the missing computers were labeled classified but still may have contained personal information on employees or other individuals, he said. Some of the machines contained encryption, and the lab now is considering implementing the technology across all computers.
“If we determine it's likely that someone's PII (personally identifiable information) has been compromised, we provide resources to those people to protect them from identity theft,” Roark said. “But the serious matter is whether there was classified info involved, which it was not.”
Los Alamos, part of the US Department of Energy, researches and develops technology related to national security.
An internal memo concerning the number of missing or stolen laptops was obtained and released by the nonprofit Project on Government Oversight (POGO), a federal government watchdog.
The memo states that a laptop theft occurred on January 16, where three computers were stolen from a lab employee's home in the city of Santa Fe. That incident revealed cybersecurity, management and accountability concerns.
Initially, the incident was treated just as a property issue and the lab was "not engaged in a timely and proactive manner to assess and address potential loss of sensitive information,” the memo states. Only one of the three computers was authorised for home use, though, which since has raised security concerns that policies were not being followed, Roark said.
Adrian Lane, principal security strategist at security consultancy Securosis, told SCMagazineUS.com that this was often found in instances of machine being lost or stolen.
"You have to bring into question [that] each one has the possibility that there was actually sensitive information on it and if there's not protection [encryption] and they're not being audited, I would be worried," he said.
As a result of the memo, Los Alamos National Laboratory (LANS) was given until last Friday to send a written report about the status of all the stolen or missing computers and address the potential cybersecurity ramifications of each. Los Alamos was directed to work with the National Nuclear Security Administration (NNSA), which manages the lab, to develop and execute a program to correct any system deficiencies or weaknesses in computer accountability.
An NNSA spokesman said LANS did provide that correspondence on Friday but could not elaborate on the content of the letter, as it is currently under review.
See original article on scmagazineus.com
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
