backtop


Print 23 comment(s) - last by fic2.. on May 8 at 1:03 PM

The Transportation Security Agency is the latest government agency to lose or have data stolen

An external computer hard drive containing the personal, bank and payroll information of up to 100,000 former and current Transportation Security Administration (TSA) employees was reportedly stolen from a human resources office in Crystal City, VA.  The Federal Bureau of Investigation and U.S. Secret Service are now helping the TSA investigate the theft -- FBI is conducting the investigation, with the Secret Service conducting a "forensic review of equipment and facilities."

The TSA learned about the missing hard drive sometime Thursday, but the agency informed possibly affected employees Friday evening -- a delay which has upset some employees.  TSA spokesperson Ellen Howe reassured agency employees by stating the TSA was "not trying to stall."

"TSA has no evidence that an unauthorized individual is using your personal information, but we bring this incident to your attention so that you can be alert to signs of any possible misuse of your identity," said Kip Hawley, TSA Administrator.

The TSA is unaware if the hard drive has left its premises.  The hard drive contained sensitive information on employees who worked for the TSA from January 2002 until August 2005.  The agency employs almost 50,000 people and is the agency responsible for securing transportation systems in the country, including airports and railroads.

Letters were sent out to all affected employees promising one year of credit monitoring services.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

I hope they at least had the data protected
By Snuffalufagus on 5/5/2007 8:14:17 PM , Rating: 2
This seems like the perfect candidate for drive and/or data encryption and any of the other data protection tools out there. If you're responsible or in possession of anyones personal data it seems like common sense to use these sorts of security tools, granted most can be broken, but it's still a huge deterrent to many. The idea that this isn't standard policy or best practices for any government equipment seems plain stupid to me. I have a friend who works in a Accounting firm, and they're security for all their equipment dwarfs what I've seen that a military friend of mine has in place. Then again, the article doesn't indicate that they did or didn't have some sort of protection in place.




By mcp555 on 5/6/2007 10:15:12 AM , Rating: 2
I'm no authority on security but it would seem to me putting these external hard drives in some kind of hardened safe or small data vault might be a good place to start. They should also look at being more restrictive about who can get into and how to access the office/room as well. At least they didn't bring it home or put it in their car...

The encryption, TPM, and secure remote access ideas are good options as well but I think the physical security part would be relatively cheap and easy to implement. I guess we'll have to wait and see what the FBI learns from its investigation. Hopefully the Secret Service includes all of the ideas everyone mentioned in their review.


"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki