Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"My AVG WILL NOT UPDATE"
on AVG update deletes critical Windows file
by James Downs | Dec 2, 2008 5:58 AM
 
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
 
"how many users allow per session? because the digital persona password manager allows only 10 ..."
on DigitalPersona Pro Workstation/Pro Server
by Daniel | Nov 25, 2008 12:14 AM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
Identity

Lost: hard drive with information of 100,000 employees in US

  • Email a Friend
  • Print Page
Lost: hard drive with information of 100,000 employees in US
Related Articles
By Dan Kaplan
May 8, 2007 9:57 AM
Tags: TSA | loses | hard | drive | with | personal | information | of | 100,000 | employees
The hard drive, discovered missing from a controlled area at the federal agency on Thursday, contained the names, Social Security numbers, birth dates, bank account and routing data and payroll information of employees who worked for the agency between January 2002 and August 2005, TSA administrator Kip Hawley said in a notification letter to victims. Authorities are unsure whether the data was lost or stolen.

Hawley apologised to employees whose identity was exposed, but said the TSA has no reason to believe any of the information has been misused. Still, the agency promised to provide affected individuals with one year of free credit monitoring service.

"We are notifying you out of an abundance of caution at this early stage of the investigation given the significance of the information contained on the device," Hawley said. "We apologise that your information may be subject to unauthorised access, and I deeply regret this incident."

The FBI and US Secret Service have opened criminal investigations, according to a separate statement.

The TSA said it has comprehensive data security policies in place and violators face "swift disciplinary action," including firing.

This is the second time in less than a year that the agency responsible for securing the nation’s airports was involved in a data breach.

Last September, a contractor accidentally mailed about 1,200 documents containing Social Security numbers of former TSA employees to incorrect addresses.

"It’s kind of ironic that the government agency charged with maintaining the security of our nation’s transportation system can’t manage the security of its own employees’ files," said Paul Stephens, policy analyst at the nonprofit Privacy Rights Clearinghouse.

"It’s a matter of having the proper protocols in place and enforcing them. A lot of times the protocols exist, and you don’t have the compliance. Typically, the failure is employee compliance."

The latest incident occurred just days after Rep. Tom Davis, R.-Va., reintroduced a bill that would require federal agencies who suffered a data breach to promptly notify victims, and have proper policies in place.

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Breaches & Exposures Whitepapers
 
Popular Tags
000 bruin clavister data drive ebay employees error huge human identity information linkedin loses policy records report security stolen web