Watchdog Faults FBI Staff for Mishandling Secret Report on U.K. Terrorist Attack

An inspector general’s detailed review of emails faulted three FBI employees and a staff member for misrouting classified information relating to the May 2017 terrorist bombing of a concert in Manchester, England, given by singer Ariana Grande.

The watchdog launched the probe after a tip from the FBI that someone may have leaked sensitive British information to a New York Times reporter writing on the bombing that killed 22 and interrupted the American singer’s show. The reporter in question is thought to be C.L. Chivers.

The IG’s report released in summary last week did not determine who may have fed information to the reporter. But it criticized email security practices of three FBI employees and one member of a related working group.

Following the bombing traced to an Islamic fundamentalist, the FBI was working with a British intelligence report that the U.K. government had disseminated by email to several U.S. agencies and foreign law enforcement bodies.

“The OIG determined that the FBI initially further disseminated the UK Intelligence Report to over 1,000 unique recipients, including to offices at FBI headquarters, Joint Terrorism Task Force members, and other federal agency partners,” the watchdog’s summary said. “This further dissemination included caveats about the sensitivity of the report and the need to limit further dissemination.”

Recipients subsequently forwarded the report to other FBI employees and law enforcement partners outside the IG’s purview, which complicated the IG’s ability to trace the leak, the summary released Oct. 10 added.

The FBI itself, upon referring the matter to the IG, declared that it had “analyzed FBI e-mail records, internal text messages, and FBI telephone logs, but found no contacts with the telephone numbers or e-mail addresses known to be associated with the attributed author of the NYT article.” Tracers also identified other nongovernment individuals to whom FBI employees had forwarded the report.

The watchdog did find substantiated violations of Justice Department and FBI computer rules of behavior and FBI policy by four individuals. After voluntary inspections of employees' mobile devices, investigators found specifically that:

• Two FBI personnel intentionally forwarded the e-mail containing the UK Intelligence Report to their personal, non-government e-mail accounts;
• One of these two FBI employees previously had “improperly forwarded to the employee’s personal e-mail account approximately 550 other FBI e-mails with header information indicating the content was sensitive, or restricted for official use;”
• A second employee had forwarded one other FBI e-mail containing operationally sensitive information to the employee’s personal e-mail account;
• A task force officer assigned to the FBI forwarded the UK Intelligence Report to a foreign law enforcement partner without obtaining FBI permission to do so, and transmitted the report without including all of the relevant instructions restricting further distribution of the report (that office had previously forwarded other sensitive information to unauthorized recipients); and,  
• A fourth FBI employee had set an unauthorized auto-forward of the employee’s FBI email to the employee’s personal e-mail account in violation of FBI policy (though filters prevented the message from being delivered).

The IG provided the report to the FBI to determine next steps.