Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
No Result
View All Result
Home Cybersecurity

Energy Department Fixes Identity Verification Flaw in Critical Minerals Portal

by Miles Jamison
February 24, 2026
in Cybersecurity, News
Socure's Jordan Burris. The Energy Department has fixed an identity verification vulnerability in a critical minenral portal.

The Department of Energy has remediated an identity verification vulnerability in a portal supporting its critical minerals programs.

The Department of Energy has remediated an identity verification vulnerability in a portal supporting its critical minerals programs after a security researcher disclosed the flaw, Nextgov/FCW reported Monday.

Table of Contents

    • You might also like
    • CISA Forms ANCHOR-CI Framework to Strengthen Critical Infrastructure Security
    • PNNL, OpenAI Partner on DraftNEPABench to Advance Environmental Review Drafting
    • Navy Designates Orion DevSecOps Platform, C-SCRM Capability as Enterprise IT Services
  • What Was the ID Verification Vulnerability?
  • How Was It Discovered?
  • Why Does Identity Verification Matter?
  • Broader Cybersecurity Challenges at DOE

You might also like

CISA Forms ANCHOR-CI Framework to Strengthen Critical Infrastructure Security

PNNL, OpenAI Partner on DraftNEPABench to Advance Environmental Review Drafting

Navy Designates Orion DevSecOps Platform, C-SCRM Capability as Enterprise IT Services

Energy Department Fixes Identity Verification Flaw in Critical Minerals Portal

The DOE’s effort to fix identity verification vulnerabilities underscores the evolving cyberthreat landscape. Gain deeper insight into federal cybersecurity priorities at Potomac Officers Club’s 2026 Cyber Summit on May 21. Book your seat today!

What Was the ID Verification Vulnerability?

Researcher Ronald Lovelace found the system, particularly the portal connected to the Office of Critical Minerals and Energy Innovation, allowed external users to register accounts using email addresses that appeared to belong to the Energy Department without verifying ownership. 

How Was It Discovered?

Lovelace said he used subdomain enumeration, a reconnaissance technique that maps digital footprint and accessible web infrastructure, to identify the portal and the vulnerability in the verification process. He demonstrated the issue by creating a test account with an email formatted as an Energy address and notified department IT staff. There is no evidence that the flaw was exploited.

Why Does Identity Verification Matter?

The weakness may have enabled cyber attackers to impersonate department officials on the platform. By exploiting the vulnerability, threat actors might have deceived researchers, contractors or other senior officials who rely on it for official program communications, potentially gaining access to sensitive internal documents or inserting themselves into program discussions. The risk is especially significant because DOE’s critical minerals programs underpin domestic supply chains that support energy technologies and advanced manufacturing.

“This should be a wake up call for every government agency. When adversaries can enumerate federal domains, map critical digital infrastructure and impersonate senior officials without ever breaching a network, the attack surface has fundamentally shifted,” said Jordan Burris, head of public sector at Socure.

Broader Cybersecurity Challenges at DOE

The remediation follows continued oversight of DOE’s cybersecurity posture. In a 2025 report, the department’s Office of Inspector General warned that dozens of previously identified cybersecurity weaknesses remain unresolved. The watchdog cautioned that gaps in vulnerability management and security controls could leave departmental systems and data exposed to malicious cyber actors.

Stay connected via Google News
Follow us for the latest travel updates and guides.
Add as preferred source on Google
Share5Tweet19

Recommended For You

CISA Forms ANCHOR-CI Framework to Strengthen Critical Infrastructure Security

by Jane Edwards
July 2, 2026
Cybersecurity and Infrastructure Security Agency seal. CISA has formed the ANCHOR-CI advisory body framework.

CISA has created ANCHOR-CI to expand information sharing and coordination across critical infrastructure stakeholdersANCHOR-CI includes the establishment of four types of councilsThe 2026 Homeland Security Summit will highlight...

Read moreDetails

PNNL, OpenAI Partner on DraftNEPABench to Advance Environmental Review Drafting

by Jane Edwards
July 2, 2026
Pacific Northwest National Laboratory logo. PNNL and OpenAI have partnered on the DraftNEPABench project.

OpenAI and PNNL have teamed up to assess AI coding agents for environmental review drafting tasksDraftNEPABench supports federal efforts to speed up environmental impact statement development and permitting...

Read moreDetails

Navy Designates Orion DevSecOps Platform, C-SCRM Capability as Enterprise IT Services

by Kristen Smith
July 2, 2026
Department of the Navy logo. DON designated Orion and the Naval C-SCRM capability as enterprise IT services.

The Navy has designated two mandatory enterprise IT services: the Orion DevSecOps platform for software development and the Naval C-SCRM capability for supply chain risk monitoringOrion is now...

Read moreDetails

NASA Seeks Comments on Draft Solicitation for Lunar Infrastructure Technologies

by Kristen Smith
July 2, 2026
Moon. NASA is gathering industry comments on its draft Lunar Enabling Infrastructure Accelerator solicitation.

NASA is seeking industry feedback on a draft solicitation to fund prototypes in five technology areas key to sustained lunar operationsThe Lunar Enabling Infrastructure Accelerator covers vertical solar...

Read moreDetails

CIA Director John Ratcliffe Reports on Milestones in Tech Procurement Reform

by Jamie Bennet
July 2, 2026
John Ratcliffe. The CIA Director explained the changes in the agency's structure to speed up technological procurement.

CIA Director John Ratcliffe highlighted some milestones in the agency's commitment to accelerating the acquisition of AI and other technologiesHe mentioned the new Office of Corporate Partnerships and...

Read moreDetails
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Sponsors

About ExecutiveGov

ExecutiveGov, published by Executive Mosaic, is a site dedicated to the news and headlines in the federal government. ExecutiveGov serves as a news source for the hot topics and issues facing federal government departments and agencies such as Gov 2.0, cybersecurity policy, health IT, green IT and national security. We also aim to spotlight various federal government employees and interview key government executives whose impact resonates beyond their agency.

CATEGORIES

  • Acquisition & Procurement
  • Announcements
  • Articles
  • Artificial Intelligence
  • Awards
  • Big Data & Analytics News
  • C4ISR
  • Civilian
  • Cloud
  • Contract Awards
  • Cybersecurity
  • Defense And Intelligence
  • Defense Security Cooperation
  • DHS
  • Digital Assets
  • Digital Modernization
  • DoD
  • Events
  • Executive Moves
  • Executive Spotlights
  • Federal Civilian
  • Financial Reports
  • Foreign Military Sales
  • General News
  • GovCon Expert
  • Government Cloud
  • Government Technology
  • GSA
  • Healthcare IT
  • Industry News
  • Intelligence
  • Legislation
  • M&A Activity
  • National Security
  • News
  • Policy Updates
  • Press Releases
  • Profiles
  • Space
  • Videos
  • Wash100
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Copyright 2026 Executive Mosaic. All Rights Reserved.

No Result
View All Result
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news

Copyright 2026 Executive Mosaic. All Rights Reserved.

Get your free GovCon news!

Get your latest GovCon news and insights. Become a VIP and subscribe to the GovConWire Daily News.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
Thanks for subscribing!