Rep. Spencer Bachus (R-Ala.) sent a letter to Chief Administrative Officer Dan Beard on Thursday complaining that he was not promptly informed when someone hacked into his and other Members Web sites.
On Aug. 1 and 2, a hacker broke into the House.gov Web sites of about 20 Members, replacing portions of text with a digital form of graffiti. Whole pages were replaced with the repeated phrase H4ck3d by 3n_byt3 @ Indonesia H4ck3rs, according to images on www.zone-h.com, a site that tracks Web site defacements.
House officials say that the hacker accessed the site by guessing passwords assigned to Member offices by GovTrends, a Web design company that hosts the sites of about 100 Members. Some offices never changed the passwords, which GovTrends founder Ab Emam called obvious and easy to guess.
Within hours, GovTrends officials had discovered the breach and changed the passwords of all their clients, and Emam said they will now be a combination of numbers, symbols and letters.
But in his letter, Bachus claims he didn't know about the security breach until Wednesday, when a constituent called his office.
While I appreciate the diligent work the staff of the CAO has done to resolve the issue,
the incident has left several questions unanswered. Specifically, what is the procedure for
notifying the victims of hacks? Bachus wrote.
It is my hope that your office will consider immediately informing Member offices of cyber attacks in the future rather than relying on outside vendors, he wrote.
Bachus also wrote that his office has been told the CAO does not often pursue prosecution because there is no way to track down the criminals responsible for these acts. But his constituent -- Gary Warner, who is the director of research in computer forensics at the University of Alabama at Birmingham -- tracked down the hacker's server and the university he attended.
Bachus asked the CAO to provide copies of the Web logs and evidence supporting GovTrends speculation that the hacker simply guessed the password.
Please provide an explanation of the vulnerability that allowed this situation to occur and what is being done to prevent it from happening again in the future, he wrote. It is extremely important that my constituents can trust that information provided to my office is kept confidential and secure.
CAO spokesman Jeff Ventura said officials had not yet reviewed the letter, which was sent on Thursday evening. But Ventura said earlier that the breach had not led to the release of any sensitive information.