A US security firm has revealed it has been able to access sensitive information from military and government computers without approval.

Security consultants from the ForensicTec company used free and widely available software over the summer to identify poorly protected PCs and view such items as email messages, personnel records and financial data.

It's like coming across the Pentagon and seeing a door open with no-one guarding it

Brett O'Keefe ForensicTec president

Army spokesman Colonel Ted Dmuchowski confirmed that a network had been breached but said that the material was unclassified and the breach "did not affect national security".

Computer trespass has skyrocketed in recent years as computers and networks become linked to the internet, prompting the US authorities to consider tough penalties for hackers.

Last month, the House of Representatives approved a bill which could lead to life imprisonment for more malicious hackers.

'Shocked and scared'

ForensicTec President Brett O'Keefe said his company came forward because it felt it needed to highlight security failures.

The intrusion occurred on the unclassified network of an army tactical unit in its garrison location - this was not the Pentagon

Colonel Ted Dmuchowski

"We were shocked and almost scared by how easy it was to get in," he told the Washington Post newspaper. "It's like coming across the Pentagon and seeing a door open with no-one guarding it."

ForensicTec is made up of former employees of a private investigation firm and relative newcomers to security. They came across the network for the Fort Hood army base in Texas while working with another client.

From there were able to access other military bases and civilian agencies such as space agency Nasa and the Energy and Transportation Departments.

Many computers were found to have simple passwords such as the user's name or "password".

The consultants were able to read emails sent between senior officers, recruits' financial details, and records of radio-encryption techniques and laser-targeting systems.

'Not serious'

Colonel Dmuchowski, who heads the Information Assurance department in the army's Chief Information Office, said the army would introduce state-of-the-art hardware and software to protect sensitive files.

He said the security breaches were not serious.

"On a scale of one to 10, this is a 2.5," he said. "The intrusion occurred on the unclassified network of an army tactical unit in its garrison location - this was not the Pentagon."

He said that while there were tens of thousands of attempts to breach army networks last year, less than 0.5% succeeded.

But some experts say ForensicTec's efforts showed that either organised espionage or the placing of viruses or worms via these low-security networks could lead to more serious attacks on more sensitive networks.