Feeds

TSA: We're not saying our hard drive is gone but...

It's just not here anymore

Protecting against web application threats using SSL

The universe has an odd tendency to absorb certain objects into the oblivion of un-existence. Television remotes, single socks, car keys, lighters, external hard drives containing 100,000 employee records, pen caps; they all come and go like tiny dimensional travelers.

And such is the order of things that missing socks and lighter go largely unreported in the media — bees in our bonnet though they may be.

But the minute the Transportation Security Administration loses a hard drive containing the names, Social Security numbers, dates of birth, payroll information, bank account and routing information of 100,000 people employed at the agency between January 2002 and August 2005, there's suddenly a big fuss.

On May 3, the TSA discovered the drive was missing from a controlled area at the Headquarters Office of Human Capital. The agency immediately reported the incident to law enforcement officials, the Department of Homeland Security and launched into an investigation.

Did it fall behind the desk? No.

Did Jim take it home to transfer his Phil Collins music collection to his desktop? No.

Maybe check behind the desk again?

The investigation hit a brick wall. By Friday night, it was time to fess up with a statement. The TSA doesn't know whether the device is still within headquarters or was stolen. It has found no evidence an unauthorized individual is using the personal information.

TSA is a division of the Homeland Security Department, responsible for the safety of the US transportation system, including airports and train stations.

They are unsure whether the data was encrypted or not. The TSA is investigating to see if proper data security procedures were followed. The agency pledges disciplinary action against individuals found to be in violation of security procedures.

This is far from the first case of government hard drives phasing out of three dimensional time-space. In a similar case in January, the external hard drive of a Department of Veterans Affairs employee that contained personal data of approximately 48,000 employees went missing. A year ago this month, a VA laptop with personal details of 26.5m veterans was stolen; it was eventually turned in by a member of the public who bought it at a market.

TSA has begun to notify all affected individuals in the incident. They have also begun the process of selecting a contractor to provide one year of free credit monitoring for those with personal information in the drive. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.