BreachExchange mailing list archives
SSA exposed SSNs, names, birth dates for 36, 000 people, IG says
From: security curmudgeon <jericho () attrition org>
Date: Mon, 18 Apr 2011 05:20:55 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://fcw.com/articles/2011/04/14/ssa-privacy-breach-death-master-file.aspx By Alice Lipowicz FCW.com April 14, 2011 The Social Security Administration publicly made available the names, dates of birth, Social Security numbers and other sensitive personal information on more than 36,000 people from May 2007 to April 2010 despite being warned about the privacy risks, according to a report from SSA's Office of the Inspector General. The information was erroneously included in SSA?s Death Master File sold to the public. The 36,657 people affected were not deceased, and the release of the personal information was considered a breach of privacy, the report states. The IG first told SSA officials in June 2008 to take precautions against a pattern of publishing the personal information of living people in its database of death-related information, the report states, adding that there was no indication that organized identity thefts were taking place. However, SSA did not follow those precautions, and the agency continued to expose personal data of people mistakenly included in its Death Master File, according to the March 31 report. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- SSA exposed SSNs, names, birth dates for 36, 000 people, IG says security curmudgeon (Apr 19)