FOIA tech, OPM scam and more

News and notes from around the federal IT community.

Shutterstock image: filing cabinets.

Tech boosts agency FOIA work

Many federal agencies are showing marked improvements in proactive information publication and using technology more effectively, according to the Justice Department Office of Information Policy's annual summary and assessment of agency Freedom of Information Act reports.

The report also noted, however, that FOIA request backlogs still plague many agencies.

"[T]he level of success achieved by agencies in these efforts varies and there is still work to be done," Justice's OIP noted in a blog post.

More than two-thirds of high-FOIA-volume agencies enabled requesters to track requests online in fiscal 2014, and many agencies launched initiatives to make more information preemptively available to the public and to make that information searchable, the assessment noted.

Last year, 60 percent of major agencies posted quarterly FOIA reports to, while another 17 percent posted reports to their own websites.

"As the public increasingly seeks to communicate with agencies electronically, it is vital that agencies ensure that they utilize technology to facilitate that communication," OIP's assessment said.

FTC paying OPM breach victims? Nope, it's a scam

The Federal Trade Commission is not offering payouts to feds whose personal information was exposed in the Office of Personnel Management breaches.

Don't trust any phone calls or emails that claim otherwise.

The FTC put out a blog post warning of the scam, advising federal employees not to give out personal information or money to mystery callers, even if the caller ID seems to show the call is coming from a government agency.

"The FTC won't be calling to ask for your personal information," the agency noted. "We won't be giving money to OPM data breach victims either."

The agency advised reporting any suspicious calls to the FTC here, and reporting phishing emails to

S&T signs up mobile security contractor

The Department of Homeland Security's Science and Technology Directorate awarded a Northern Virginia small business a $2.9 million development contract to identify mobile app security vulnerabilities.

The 30-month contract with Kryptowire, was awarded through S&T's Long Range Broad Agency Announcement.

S&T said its project looks to establish continuous automated assurance of mobile apps for the federal government. The Cyber Security Division and First Responders Group is leading the effort, with partnerships from the DHS' Office of CIO, Federal Emergency Management Agency, Customs and Border Protection, Computer Emergency Readiness Team, as well as the Justice Department, General Services Administration and other federal agencies.

Audit finds Foreign Intelligence Network needed tighter security

Reuters reports that the Treasury Department's Foreign Intelligence Network may have been left vulnerable to hackers, according to a Treasury Office of Inspector General's audit prepared in late 2014.

While the audit did not find evidence of hacking, up to 29 percent of the Treasury's devices connected to the intelligence network in March 2014 and up to 26 percent in April and May 2014 did not comply with baseline configuration requirements.

Changes in configuration baseline requirements to meet federal cybersecurity standards were still being implemented on some devices.

"As a result, TFIN devices may not be protected with the most secure recommended configurations, increasing the risk of being compromised or misused," Treasury's OIG said in the audit.

Reuters said U.S. spy agencies use the Treasury's Foreign Intelligence Network to identify international threats to the U.S.'s economy and finances, and to measure the impact of economic sanctions on countries such as Iran and Russia.

According to the audit, the Treasury planned to fix the issue by April 30, 2015.

A Treasury official told Reuters the OIG had identified a "minor issue on a very secure system" and "since the release of the audit, Treasury has remedied this matter."

IGs want criminal probe of Clinton emails

Inspectors general for the State Department and the intelligence community have asked the Justice Department to launch a criminal investigation of Hillary Clinton's private email system, suggesting she might have mishandled classified documents while serving as secretary of State, the New York Times reported.

Citing a joint memorandum dated June 29 sent to Undersecretary for Management Patrick Kennedy, the Times reported that a review of emails sent outside the State Department system included "hundreds of potentially classified emails."

Clinton has repeatedly said that she neither sent nor received classified material via the personal account.