Feeds

TSA: We're not saying our hard drive is gone but...

It's just not here anymore

Security for virtualized datacentres

The universe has an odd tendency to absorb certain objects into the oblivion of un-existence. Television remotes, single socks, car keys, lighters, external hard drives containing 100,000 employee records, pen caps; they all come and go like tiny dimensional travelers.

And such is the order of things that missing socks and lighter go largely unreported in the media — bees in our bonnet though they may be.

But the minute the Transportation Security Administration loses a hard drive containing the names, Social Security numbers, dates of birth, payroll information, bank account and routing information of 100,000 people employed at the agency between January 2002 and August 2005, there's suddenly a big fuss.

On May 3, the TSA discovered the drive was missing from a controlled area at the Headquarters Office of Human Capital. The agency immediately reported the incident to law enforcement officials, the Department of Homeland Security and launched into an investigation.

Did it fall behind the desk? No.

Did Jim take it home to transfer his Phil Collins music collection to his desktop? No.

Maybe check behind the desk again?

The investigation hit a brick wall. By Friday night, it was time to fess up with a statement. The TSA doesn't know whether the device is still within headquarters or was stolen. It has found no evidence an unauthorized individual is using the personal information.

TSA is a division of the Homeland Security Department, responsible for the safety of the US transportation system, including airports and train stations.

They are unsure whether the data was encrypted or not. The TSA is investigating to see if proper data security procedures were followed. The agency pledges disciplinary action against individuals found to be in violation of security procedures.

This is far from the first case of government hard drives phasing out of three dimensional time-space. In a similar case in January, the external hard drive of a Department of Veterans Affairs employee that contained personal data of approximately 48,000 employees went missing. A year ago this month, a VA laptop with personal details of 26.5m veterans was stolen; it was eventually turned in by a member of the public who bought it at a market.

TSA has begun to notify all affected individuals in the incident. They have also begun the process of selecting a contractor to provide one year of free credit monitoring for those with personal information in the drive. ®

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.