WASHINGTON (CNN) -- The passport file of any American could be exposed, but there have been only a few breaches of the Passport Office's security system, State Department spokesman Sean McCormack said Friday.
The passport files of Sens. Barack Obama, Hillary Clinton and John McCain were improperly accessed.
Those few incidents were likely "imprudent curiosity," he said.
"I don't have exact numbers for you, but every single year there's probably a handful of cases where you have unauthorized access to passport data," McCormack told a news briefing.
The issue of exposed passport files came to light during the past two days as the State Department revealed the files of the three presidential contenders, Sen. Barack Obama, D-Illinois, Sen. Hillary Clinton, D-New York, and Sen. John McCain, R-Arizona, had been accessed without authorization.
A State Department source said passport files contain scanned images of passport applications, birth date and basic biographical information, records of passport renewal and possibly citizenship information.
McCormack called the incidents "inexplicable" and "over the line."
He said whatever the circumstances, those responsible had ample warning to stay out of the files. Watch why the government-wide grade on securing private data is a C- »
"Every single time they access a computer there's a reminder that comes up that says: The information you are about to access has Privacy Act restrictions on it and you are acknowledging that you have a need to know in order to do your job to access this file; and that if you are accessing it in an unauthorized manner, then there are potential penalties."
McCormack said the files of politicians and celebrities are flagged for extra attention on unauthorized access, but "the same kind of vigilance applies to every other passport application that we handle."
Clinton's file was accessed in a training situation as the passport office handled a "surge" of applications last summer, McCormack said, when a trainee was "encouraged to enter a family member's name, just for training purposes."
"This person chose Sen. Clinton's name. It was immediately recognized, they were immediately admonished. And it didn't happen again," he said.
The circumstances of the Obama and McCain incidents were under investigation.
In each instance, a computer-monitoring system, triggered when employees access the file of a high-profile person, caught the breaches, McCormack said, emphasizing the department's system "worked."
He said lower-level managers had thought they had taken care of the problems and did not report them to senior levels in the State Department.
Department employees were re-evaluating procedures and working to make sure senior managers are told about breaches, he said.
"They are going to take a look at these particular unauthorized accesses ... in the case of these three presidential candidates, but they're also going to take a look at whether or not there are any systemic issues that need to be addressed," McCormack said. E-mail to a friend