Feeds

TSA: We're not saying our hard drive is gone but...

It's just not here anymore

Internet Security Threat Report 2014

The universe has an odd tendency to absorb certain objects into the oblivion of un-existence. Television remotes, single socks, car keys, lighters, external hard drives containing 100,000 employee records, pen caps; they all come and go like tiny dimensional travelers.

And such is the order of things that missing socks and lighter go largely unreported in the media — bees in our bonnet though they may be.

But the minute the Transportation Security Administration loses a hard drive containing the names, Social Security numbers, dates of birth, payroll information, bank account and routing information of 100,000 people employed at the agency between January 2002 and August 2005, there's suddenly a big fuss.

On May 3, the TSA discovered the drive was missing from a controlled area at the Headquarters Office of Human Capital. The agency immediately reported the incident to law enforcement officials, the Department of Homeland Security and launched into an investigation.

Did it fall behind the desk? No.

Did Jim take it home to transfer his Phil Collins music collection to his desktop? No.

Maybe check behind the desk again?

The investigation hit a brick wall. By Friday night, it was time to fess up with a statement. The TSA doesn't know whether the device is still within headquarters or was stolen. It has found no evidence an unauthorized individual is using the personal information.

TSA is a division of the Homeland Security Department, responsible for the safety of the US transportation system, including airports and train stations.

They are unsure whether the data was encrypted or not. The TSA is investigating to see if proper data security procedures were followed. The agency pledges disciplinary action against individuals found to be in violation of security procedures.

This is far from the first case of government hard drives phasing out of three dimensional time-space. In a similar case in January, the external hard drive of a Department of Veterans Affairs employee that contained personal data of approximately 48,000 employees went missing. A year ago this month, a VA laptop with personal details of 26.5m veterans was stolen; it was eventually turned in by a member of the public who bought it at a market.

TSA has begun to notify all affected individuals in the incident. They have also begun the process of selecting a contractor to provide one year of free credit monitoring for those with personal information in the drive. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.