Former U.S. National Security Agency contractor Edward Snowden duped colleagues in Hawaii into giving him their login credentials and passwords in order to obtain classified materials.
Sources told Reuters that a handful of NSA employees were identified, questioned and removed from their assignments after giving their login information to Snowden.
Snowden may have obtained login credentials from 20 to 25 colleagues at the NSA base by telling them he needed them in order to carry out his duties as a computer systems administrator, said another source.
Last month Reuters reported that the NSA didn’t even have the most up-to-date anti-leak software at the Hawaii facility where Snowden worked.
It took Snowden only about a month to gather tens of thousands of classified documents, leading to the largest leak of classified information in 61 years.
"In the classified world, there is a sharp distinction between insiders and outsiders. If you've been cleared and especially if you've been polygraphed, you're an insider and you are presumed to be trustworthy," Steven Aftergood, a secrecy expert with the Federation of American Scientists, told Reuters.
"What agencies are having a hard time grappling with is the insider threat, the idea that the guy in the next cubicle may not be reliable," Aftergood added.
News of Snowden swindling passwords came just as the U.S. Senate Intelligence Committee approved a bill that tightens security over U.S. intelligence data.
The bill requires the Director of National Intelligence to set up a procedure in which contractors would have to quickly report incidents of data networks being penetrated by unauthorized persons to spy agencies.