WASHINGTON, DC, Jan. 3 -- A mid-August security breach at an LNG facility in Lynn, Mass., should remind other operators of LNG terminals, peak-shaving plants, and other facilities to implement security measures to stop intruders, the US Pipeline and Hazardous Materials Safety Administration said on Dec. 28.
"PHMSA's pipeline safety regulations require operators to implement security regulations that deter intruders. These measures include written procedures, protective enclosures, security communications, lighting, and monitoring," the Department of Transportation agency said in an advisory bulletin.
In the Massachusetts incident, PHMSA said that an LNG facility operator learned during routine maintenance of a gate at the side of a storage tank that security had been breached earlier when intruders broke through the gate. The tank itself was not damaged, the agency added.
"Investigation revealed that the intruders had cut through the outer and inner perimeter fences and through the locked gate to gain access to the storage tank several days before the incident was discovered," PHMSA said.
It noted that the facility's microwave intrusion system documented the break-in on a computer monitoring system that should have alerted operating personnel, but employees did not respond.
"In the days following, personnel conducted several routine visual inspections of the area without noting the cuts in the fences. Although there was also video surveillance of the perimeter, personnel did not review the tape until they investigated the breach," PHMSA said.
The facility is owned and operated by a division of KeySpan Corp. A spokeswoman confirmed that the incident occurred and said that the company responded by internally reviewing its security procedures and hiring an outside security consultant.
It also invited the US Department of Homeland Security to review policies and procedures at the Lynn LNG facility, she told OGJ on Jan. 3. "We made additional adjustments to our security protocols to assure that such an incident doesn't happen again," the spokeswoman said.
The Massachusetts Department of Telecommunications and Energy fined KeySpan $250,000 on Dec. 8 for allegedly violating several safety regulations in the incident. In determining the fine, the department, which is part of the state's consumer affairs and business regulation office, said that it also proposed remedial actions to prevent a similar event in the future.
"The LNG plants in Massachusetts are an important and vital part of the state's gas supply system. They must have in place rigorous security practices and procedures to safeguard their facilities against intruders so that they can continue to function safely with uninterrupted service to their customers. The security personnel and equipment at these plants not only protect the facility, but protect the public as well," said Massachusetts Consumer Affairs and Business Regulation Director Janice S. Tatarka.
In setting the amount of the fine, DTE said it considered the gravity of the security breach, KeySpan's culpability, and remedial actions already undertaken by KeySpan after the incident. Under state regulations, the company has 30 days to respond to the allegations by either signing a consent agreement and paying the fine or requesting a hearing before DTE.
The department also undertook a comprehensive review of all Massachusetts LNG facilities, with help from the state police's Commonwealth Fusion Center Critical Infrastructure Assessment Unit, and submitted a report to Gov. Mitt Romney in September. The review found that LNG facilities in Massachusetts substantially comply with federal and state safety and security regulations, DTE said.
In its Dec. 28 advisory, PHMSA recommended that LNG plant and facility operators:
-- Test systems thoroughly to verify that alarms work and monitoring devices function as intended.
-- Ensure that security personnel are properly trained on the security procedures of each facility they monitor.
-- Determine whether designated employees can promptly respond to intrusions or other security breaches.
-- Update procedures as needed to provide the most effective security and incorporate the most relevant threat information.
-- Confirm that remote monitoring station employees properly coordinate activities with parties responsible for security.
-- Independently audit LNG plant security or conduct unannounced tests of security systems, procedures and personnel.
Contact Nick Snow at firstname.lastname@example.org.