The University of California was officially served a $3 million fine on Friday after the U.S. Dept. of Energy ruled the UC had mismanaged the Los Alamos National Laboratory last year.
The labs, managed by the Los Alamos National Security LLC, a group featuring the UC, Bechtel, BWX Technologies and Washington Group International, conducts nuclear weapons research as well as advanced studies in other fields. The fine stems from a discovery made during an October 2006 raid in which sensitive LANL documents were found on a former LANL subcontracted employee’s computer.
Inside employee Jessica Quintana’s trailer home near LANL, police discovered over 1,000 pages of documents on her personal computer, which were reproduced and taken from the labs. Police also found drugs and paraphernalia.
Quintana, who pled guilty to a misdemeanor, claimed she removed the information in order to catch up with her work, which involved scanning classified materials.
According to the D.O.E. violation letter, the UC allegedly created a vulnerability when it included portable media such as USB thumb drives at the labs – a component which D.O.E. had asked the UC to remove earlier in March 2006. The D.O.E. alleges that the University was negligent because it did not remove the ports until after May 31, 2006. By then, the files had already been downloaded by Quintana.
In July 2007, the D.O.E. served the University with a preliminary notice of the violation. In response, the UC argued that it was not solely responsible for the breach, as it had occurred shortly after the labs became managed by the LLC.
Additionally, the University stated that Quintana was not a direct employee of the UC, but rather a hired subcontractor in the facility, which the UC claimed further absolved it from responsibility. The preliminary notice had also included a proposed $300,000 charge to the Los Alamos National Security LLC, but the fine was dropped from the final issuance.
The U.S. National Nuclear Safety Administration also charged that alleged “structural management deficiencies” caused by the UC’s management of the labs contributed to the circumstances, which allowed the worker to remove the documents without detection.
In its notice, the NNSA detailed specific violations in five areas of security, including the UC’s alleged failure to establish a more comprehensive search policy for employees leaving the facility, citing that searches were conducted only on a random basis.
The University now has 30 days to appeal the notice or pay the fine. UC Spokesman Chris Harrington said the University had received the fine and is “reviewing the document,” though he declined to provide further details.