Feeds

TSA: We're not saying our hard drive is gone but...

It's just not here anymore

SANS - Survey on application security programs

The universe has an odd tendency to absorb certain objects into the oblivion of un-existence. Television remotes, single socks, car keys, lighters, external hard drives containing 100,000 employee records, pen caps; they all come and go like tiny dimensional travelers.

And such is the order of things that missing socks and lighter go largely unreported in the media — bees in our bonnet though they may be.

But the minute the Transportation Security Administration loses a hard drive containing the names, Social Security numbers, dates of birth, payroll information, bank account and routing information of 100,000 people employed at the agency between January 2002 and August 2005, there's suddenly a big fuss.

On May 3, the TSA discovered the drive was missing from a controlled area at the Headquarters Office of Human Capital. The agency immediately reported the incident to law enforcement officials, the Department of Homeland Security and launched into an investigation.

Did it fall behind the desk? No.

Did Jim take it home to transfer his Phil Collins music collection to his desktop? No.

Maybe check behind the desk again?

The investigation hit a brick wall. By Friday night, it was time to fess up with a statement. The TSA doesn't know whether the device is still within headquarters or was stolen. It has found no evidence an unauthorized individual is using the personal information.

TSA is a division of the Homeland Security Department, responsible for the safety of the US transportation system, including airports and train stations.

They are unsure whether the data was encrypted or not. The TSA is investigating to see if proper data security procedures were followed. The agency pledges disciplinary action against individuals found to be in violation of security procedures.

This is far from the first case of government hard drives phasing out of three dimensional time-space. In a similar case in January, the external hard drive of a Department of Veterans Affairs employee that contained personal data of approximately 48,000 employees went missing. A year ago this month, a VA laptop with personal details of 26.5m veterans was stolen; it was eventually turned in by a member of the public who bought it at a market.

TSA has begun to notify all affected individuals in the incident. They have also begun the process of selecting a contractor to provide one year of free credit monitoring for those with personal information in the drive. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.