(NationalSecurity.news) As federal investigators continue to pore over emails sent through Democrat presidential contender Hillary Clinton’s private server during her stint as Secretary of State, in an effort to determine whether she violated rules governing the handling of secret information, reports have surfaced that other department personnel have also used private accounts to send “sensitive” information, The Washington Free Beacon reports.
Senior staff at the U.S. Embassy in Japan, including the U.S. ambassador, were found to have conducted “official business” using their personal email, subjecting the information to potential hacking and other cyber threats, the State Department Inspector General (IG) has said in a new report.
The report adds further concern to national security experts in the wake of revelations that some of the emails Clinton sent and received through her personal server were top secret, including drone talk.
The State Department IG report conducted “a review and confirmed that senior embassy staff, including the Ambassador, used personal email accounts to send and receive messages containing official business,” the August report[PDF] – until recently marked “sensitive” but unclassified – noted.
The IG investigation further revealed “instances where emails labeled Sensitive but Unclassified were sent from, or received by, personal email accounts,” which left the information potentially vulnerable to hackers.
The IG’s findings come on the heels of an admission by the State Department that its computer systems are subject to hacking nearly daily.
As for using personal email accounts, the IG noted there are multiple “risks associated” with the practice.
In Clinton’s case, the FBI is continuing to investigate alleged breaches of national security protocol and U.S. statutory law governing the electronic handling of classified data. The agency has seized her private server and is continuing forensic analysis to see how much data can be recovered since Clinton had it professionally wiped by an IT firm in Colorado before turning it over.
In all cases, including Clinton’s and the use of private email accounts among U.S. Embassy staff in Japan, the risks of this behavior “include data loss, hacking, phishing, and spoofing of email accounts, as well as inadequate protections for personally identifiable information,” according to the IG report.
“The Department of State has not addressed security problems, including vulnerabilities which the Office of Inspector General identified in previous inspection ” the report said.
The use of private email accounts to conduct State Department business is against the department’s official policy.
“Department policy is that employees generally should not use private email accounts (for example, Gmail, AOL, Yahoo, and so forth) for official business,” according to the inspector general. “Employees are also expected to use approved, secure methods to transmit Sensitive but Unclassified information when available and practical.”
Internal security flaws and the tendency among State Department officials to use personal email has many in Congress concerned about the theft of sensitive government information.
Sen. David Perdue, R-Georgia, has long pressed the State Department to implement greater cyber safeguards,
In an interview, Perdue told The Washington Free Beacon that the Obama Administration is not doing nearly enough to protect its government networks.
“Recent data breaches of U.S. cyber networks should prompt all government officials to strengthen communication security,” Perdue said. “This Inspector General report indicates systemic issues across the State Department, specifically in email communications.”
“As Chairman of the subcommittee charged with overseeing State Department operations, I will continue to advocate for greater oversight to ensure these common-sense IG recommendations are implemented,” he added. “National security and safeguarding sensitive government information must always be a top priority.”