Skip the navigation
News

FAA says info on 45,000 workers stolen in data breach

Server break-in nets info on people who were on agency's payroll in February 2006

By Jaikumar Vijayan
February 10, 2009 12:00 PM ET

Computerworld - The Federal Aviation Administration disclosed yesterday that it is investigating a data breach in which the personal data of about 45,000 employees and retirees was apparently stolen from a server at the agency.

The compromise resulted from an intrusion into the system that was storing the data, the FAA said in a brief statement. There are no indications that any of the servers used for air traffic control or other operation systems were similarly broken into, the agency said, adding that it has contacted law enforcement authorities and will notify the affected individuals via mail.

According to the FAA, the server that was breached had a total of 48 files, two of which contained personal data on people who were on the agency's employee rolls as of February 2006. But the FAA's statement didn't say when the breach might have happened or how and when it was discovered, and the agency has yet to respond to a request for further information about the incident.

"The FAA is moving quickly to prevent any similar incidents and has identified immediate steps as well as longer-term measures to further protect personal information," the agency said in the statement. But again, it didn't provide any details about the steps it plans to take.

A employee union official quoted in an Associated Press story that was posted online yesterday before the FAA's disclosure said the other information on the breached server was encrypted medical information. He was also quoted as saying that FAA officials told the union the breach was the first of its kind at the agency.

However, the FAA is merely the latest in a long line of federal agencies to be hit by security breaches, either via system intrusions or the loss or theft of laptop PCs containing unencrypted data.

In the most serious incident thus far, the U.S. Department of Veterans Affairs reported in May 2006 that a laptop and hard drive containing the personal data of 26.5 million military veterans and active-duty personnel had been stolen from an employee's home that month. The laptop and drive were recovered the following month, and VA officials said that the data on them appeared to have been untouched. But the incident sparked an overhaul of the VA's IT department and security changes across the government.

Jeremy Kirk of the IDG News Service contributed to this story.

Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.



Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Cybercrime and Hacking White Papers
Streamline Compliance and Increase ROI
Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
Protecting Point of Sale Systems from Targeted Attack
If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on...
From the Frontline - Preventing APT
Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command...
Stop Hackers Before They Attack
Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn...
The four rules of complete web protection
As an IT manager you've always known the web is a dangerous place. But with infections growing and the demands on your time...
All Cybercrime and Hacking White Papers
Cybercrime and Hacking Webcasts
WikiLeaks: How am I Affected?
The latest WikiLeaks episode has raised questions about how organizations and governments protect their sensitive information. While this incident was isolated, it has...
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
All Cybercrime and Hacking Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs