The National Security and Intelligence Review Agency says that between March 9 and March 19, a hacker gained access to an agency network that included a database with names, phone numbers, email addresses, and scrambled versions of current and previous passwords.