FAA says info on 45,000 workers stolen in data breach
Server break-in nets info on people who were on agency's payroll in February 2006
Computerworld - The Federal Aviation Administration disclosed yesterday that it is investigating a data breach in which the personal data of about 45,000 employees and retirees was apparently stolen from a server at the agency.
The compromise resulted from an intrusion into the system that was storing the data, the FAA said in a brief statement. There are no indications that any of the servers used for air traffic control or other operation systems were similarly broken into, the agency said, adding that it has contacted law enforcement authorities and will notify the affected individuals via mail.
According to the FAA, the server that was breached had a total of 48 files, two of which contained personal data on people who were on the agency's employee rolls as of February 2006. But the FAA's statement didn't say when the breach might have happened or how and when it was discovered, and the agency has yet to respond to a request for further information about the incident.
"The FAA is moving quickly to prevent any similar incidents and has identified immediate steps as well as longer-term measures to further protect personal information," the agency said in the statement. But again, it didn't provide any details about the steps it plans to take.
A employee union official quoted in an Associated Press story that was posted online yesterday before the FAA's disclosure said the other information on the breached server was encrypted medical information. He was also quoted as saying that FAA officials told the union the breach was the first of its kind at the agency.
However, the FAA is merely the latest in a long line of federal agencies to be hit by security breaches, either via system intrusions or the loss or theft of laptop PCs containing unencrypted data.
In the most serious incident thus far, the U.S. Department of Veterans Affairs reported in May 2006 that a laptop and hard drive containing the personal data of 26.5 million military veterans and active-duty personnel had been stolen from an employee's home that month. The laptop and drive were recovered the following month, and VA officials said that the data on them appeared to have been untouched. But the incident sparked an overhaul of the VA's IT department and security changes across the government.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Cybercrime and Hacking White Papers | Webcasts