The Justice Department is investigating whether an executive at the Bureau of Alcohol, Tobacco, Firearms and Explosives improperly accessed and downloaded the personal information of other employees, according to law enforcement officials briefed on the probe.
The investigation centers on whether Scott Sweetow, deputy assistant director for strategic intelligence and information at ATF headquarters in Washington, sent ATF employee data from his work email to his personal email account.
Security officials began the probe after being alerted to the alleged employee personal data in the emails, according to law enforcement officials.
It was not immediately clear how many employees were affected by the possible breach.
Sweetow, in response to a CNN request for comment, said: “It appears somebody is actively seeking to damage my reputation. While I respect your desire to look into items which may cross your desk, other than to confirm I am a SES [senior executive service] agent assigned to our National HQ and what limited details I place in social media, I am very guarded about my personal life, and any work products in which I may be working. Because of this, I would direct you to our office of Public and Government Affairs in our National HQ.”
He didn’t directly address the matter under investigation.
In a statement to CNN, ATF said “As a general policy, ATF does not comment on personnel matters. We respect the rights of all our employees. We do not discuss specific personnel issues, actions, or the existence of ongoing investigations.”
Patrick Rodenbush, Justice Department spokesman, said: “The Department of Justice has security solutions in place that detect the transmission of sensitive personally identifiable information outside the Department’s computer network. When such incidents are detected, the Department’s Justice Security Operations Center notifies the component-agency within which the incident occurred for additional investigation and any appropriate action.
“While we cannot comment on any particular incident or the status of any investigation, upon receipt of such notice, appropriate actions taken by the component-agency may include: 1) further investigation of the incident, 2) an assessment of the disclosure and potential risks, 3) appropriate steps to mitigate the impact of the incident, and 4) corrective or disciplinary action involving the employee involved in the transmission.”
Government cyberexperts are on heightened alert for hackers in light of a recent massive cyberbreach of government employee databases of the Office of Personnel Management.