Latest News
-
November 7, 2005 - Volume 83, Number 45
- p. 11
Research
NIH Grant Information Leaks Onto Web
Susan Morrissey
The National Institutes of Health has confirmed that the agency is dealing with a serious “security breach” in the electronic handling of grant applications, which contain private, confidential, and proprietary information. The agency says the breach occurred when a “peer reviewer downloaded review materials in a way that allowed Google to capture, index them, and make them accessible via its search engine.”
The agency is releasing few other details about the incident—including when it occurred—because of concerns that such information could help hackers. NIH spokesman Don Ralbovsky tells C&EN that about 140 applications were compromised as a result of the inadvertent disclosure. NIH addressed the breach and repaired it within 90 minutes of its discovery, he says.
NIH has posted an open letter to peer reviewers about the incident on its grant information website. The letter notes that “the risks associated with any security breach are potentially very serious.” In this instance, however, “NIH has no evidence that the released application information was used for illegal or malicious activities.”
The letter also reassures reviewers that “NIH is committed to protecting the confidentiality of grant information while providing a highly secure, electronic peer review system.” In addition to the immediate action taken to address this breach, the letter explains that the agency is looking into other technical solutions to protect grant-related information.
- Chemical & Engineering News
- ISSN 0009-2347
- Copyright © 2006 American Chemical Society
