Lax safety at anthrax lab cited in 2001 anthrax attacks

The U.S. Army laboratory at Fort Detrick, Maryland, reportedly had such poor security measures in place up to the fall of 2001 that anthrax spores could have easily been smuggled out of it for use in the deadly mail attacks of that year.

Two long-secret security reports detail security procedures so lax that any researcher, aide or even temporary worker could have left the facility with enough anthrax to grow the trillions of spores needed to fill the letters sent to Congress and media outlets in 2001, reports.

The reports, which have remained out of the public eye for nine years, describe how former employees were included on access lists, how new hires were granted access to deadly germs before background checks were conducted and how stocks of pathogens were inadequately monitored and controlled.

Since 2001, Fort Detrick’s U.S. Army Medical Research Institute of Infectious Diseases has adopted a new set of security measures, but at the time of the attacks, the anthrax stocks at the lab may have been more accessible than investigators assumed when they declared researcher Bruce Ivins the perpetrator, according to

The U.S. Justice Department maintains that Ivins is the sole person behind the attacks, which killed five people and injured 17 others. They say that the letter spores derived from a flask Ivins controlled at Fort Detrick.

One of the security reports was conducted by a seven member team from Sandia National Laboratories, the other by auditors for the U.S. Army’s inspector general’s office. They are expected to be made public soon as part of a $50 million lawsuit against the federal government by the family of Robert Stevens, a photo editor who died as a result of the attacks.

"It's about time," Richard Schuler, a lawyer for the Stevens family, said, reports. "The public should know about the way security for deadly pathogens was being handled -- or mishandled -- by the Department of the Army and the government in the period leading up to the 2001 anthrax attacks."

The Sandia report says that Fort Detrick’s USAMRIID employees failed to demonstrate the same commitment to security as they made to research, despite their critical mission and their work with some of the world’s deadliest pathogens.

"The current biosecurity system at USAMRIID does not adequately protect HCPTs (high-consequence pathogens and toxins) and related information," the Sandia team wrote, according to