“Weaknesses in the federal government’s own cyber-security have put at risk the electrical grid, our financial markets, our emergency response systems, and our citizens’ personal information,” said Sen. Tom Coburn (R) of Oklahoma, who oversaw development of the report, in a statement Tuesday.

Hackers have penetrated, taken control of, damaged, or stolen sensitive information from computer systems across the federal government including the Departments of Homeland Security, Justice, Defense, State, Labor, Energy, and Commerce, the report says. Now add NASA; the Environmental Protection Agency; the Federal Reserve; the Commodity Futures Trading Commission; the Food and Drug Administration; the National Weather Service, and others.

The report’s laundry list of cyber-missteps was culled from more than 40 audits, investigations, reviews by agency Inspectors General, the Government Accountability Office, and news reports. Even basic steps like stronger passwords or patching computers with updates could have fixed many vulnerabilities, it said.