An internal memo on the massive NSA leak is painting a clearer picture of how former contractor Edward Snowden was able to gain access to so many secret documents, and it appears he may have been a little sneakier than he says.
According to the February 10 memo, sent by the NSA's legislative director, Ethan L. Bauman, to the House Judiciary Committee., an unnamed civilian NSA employee resigned last month after he lost security clearance for giving Snowden access to classified information, and after learning he (or she) might be fired. This is the first personnel-related response to the massive breach, though two other employees, who had their access to secure information revoked in August, are also under investigation for unwitting involvement in the breach.
Though Snowden said last month that “I never stole any passwords, nor did I trick an army of co-workers," the memo implies the opposite. NBC, which obtained a copy of the letter, reports:
At Snowden’s request,” the civilian NSA employee, who is not identified by name, entered his password onto Snowden’s computer terminal, the memo states. “Unbeknownst to the civilian, Mr. Snowden was able to capture the password, allowing him even greater access to classified information,” the memo states. The memo states that the civilian employee was unaware that Snowden “intended to unlawfully disclose classified information.”
The employee shared his public key infrastructure, which allows access to the NSA's computer system and the classified information it stores, with Snowden. Although the employee was not suspected of collusion, he lost his security clearance for having “failed to comply with security obligations."
In November, Reuters wrote that according to sources, Snowden convinced his co-workers that he needed access to their private log-in information to do his job:
Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator"
Snowden said in January that "the Reuters report that put this out there was simply wrong.”
It probably shouldn't be this easy for contractors to access troves of secret government information, and lawmakers are not pleased with how things went down. House Intelligence Committee member Rep. Jan Schakowsky responded by saying that “If it is true that one or more NSA employees felt free to share a password with Snowden or anyone else, we have a serious security problem at the NSA and someone in charge needs to be held accountable." Senate Judiciary Committee Chairman Patrick J. Leahy added on Thursday, "For months, I have been asking who is being held accountable, and while the NSA director has testified that they have taken a number of steps as a result of the leaks, it is clear that more needs to be done to protect our national security and our privacy.”
This article is from the archive of our partner The Wire.