BreachExchange mailing list archives
Information of U.S. federal employees exposed
From: security curmudgeon <jericho () attrition org>
Date: Tue, 29 May 2012 03:22:54 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> https://www.computerworld.com/s/article/9227519/Information_of_U.S._federal_employees_exposed By John Ribeiro IDG News Service May 28, 2012 A hack in July last year of a computer used by third-party services provider Serco to support the Thrift Savings Plan run by the U.S. Federal Retirement Thrift Investment Board resulted in unauthorized access to the personal information of about 123,201 TSP participants and payees, FRTIB said Friday. Serco and FRTIB were alerted in April by the Federal Bureau of Investigation that one of the computers used to service TSP had been the victim of unauthorized access. Besides shutting down the computer, FRTIB and Serco did forensic analysis to determine which people were affected, and enhanced the security, FRTIB and Serco said in separate statements. Serco confirmed that its computer had been affected. Several files with different combinations of data of the individuals were accessed, FRTIB said.A The names, addresses, and Social Security numbers of about 43,000 individuals were in the accessed files. In some cases, this group of data also included financial account numbers and routing numbers, it added. Another group of about 80,000 people had their Social Security numbers and some TSP-related information accessed, but their name was not associated with the information, FRTIB said. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Information of U.S. federal employees exposed security curmudgeon (Jun 01)