|
U.S. PIRG Consumer Blog
« Senate Committees approve data security bills |
Main
| Chicago Trib reporter goes deep into CPSC's problems »
May 05, 2007
Even the TSA can't keep track of employee data disks
The agency in charge of airport security, the Transportation Security Administration, has lost a hard drive containing detailed sensitive information on current and past employees, according to news stories including TSA Hard Drive With Employee Data Is Reported Stolen by Spencer S. Hsu in the Washington Post. The FBI and the Secret Service have opened a criminal investigation into the apparent theft of a computer hard drive containing the personal, payroll and bank information of 100,000 current and former workers of the Transportation Security Administration, including airport security officers and federal air marshals, the TSA said yesterday. What this and other stories and even the TSA news release don't say is whether the employee data were encrypted or not. Be nice to know whether the agency in charge of airport security protocols is following best-practice data security protocols. While these data were reported to be "archived," that does not mean encrypted. And, according to the TSA release, the treasure trove is richer than usual. It includes "name, social security number, date of birth, payroll information, bank account and routing information." While even identity thieves still in short pants can take advantage of SSNs to create new identities, identity thieves still in diapers will be drooling over the bank account data.
Posted by Ed Mierzwinski at May 5, 2007 07:26 AM
Post a comment
|
