The Transportation Security Administration (TSA) has issued an advisory regarding a hard drive containing personal and financial information of 100,000 current and former employees (including Air Marshalls) that appears to have been lost or stolen….they’re not sure yet. It was found missing from a “controlled area” at the TSA Headquarters Office of Human Capital on May 3, 2007.
The TSA, part of Homeland Security, is the Federal agency responsible for screening all passengers and luggage at all U.S. airports. Due to security issues, they called in the Secret Service and the FBI to investigate.
A letter from Administrator Kip Hawley to Employees, notes that the hard drive contains names, Social Security numbers, dates of birth, payroll information, financial allotments, bank account and routing information records of people employed by the agency from January 2002 until August 2005.
The letter states that at this time it is unclear whether the device is still within headquarters or was stolen.
A public statement issued by the TSA notes that “measures are in place to alert TSA if someone attempts to use the hard drive. To date, there is still no evidence to indicate employee data have been compromised.”
The TSA is offering a benefit package that provides former and current employees affected by the incident free credit monitoring for up to one year, ID theft insurance up to $25,000, fraud alerts and identity restoration specialists who will complete paperwork and assist employees if they become victims of identity theft. Current and former employees can register by phone, mail or online through a secure web site. More information is available at the TSA web site. The enrollment form (PDF) can be found here. A list of frequently asked questions is also available.
But wait. There’s more.
On April 20, 2007 the United States Department of Agriculture (USDA) announced that the Social Security numbers of approximately 150,000 people is potentially at risk after it was discovered that personal identifying information on farmers and others for the past 26 years was mistakenly posted online in a publicly accessible database. Once it was discovered, the information was removed.
So far there is no evidence that the information has been misused, but the USDA is offering free credit monitoring for one year to people who’s information was published. The private identifying information was embedded in a larger number and therefore not immediately available.
The USDA estimates that immediately prior to April 13, the web site contained private identification information of approximately 47,000 people who receive USDA funding from the Farm Service Agency and USDA Rural Development.
They have identified between 105,000 and 150,000 individuals whose private information has been entered into a federal government database at some time during the past 26 years. The USDA is in the process of notifying all 150,000 people by registered mail and is offering them an opportunity to register for free credit monitoring for one year.
USDA funding recipients who wish to take advantage of the credit monitoring offer will be provided with instructions for how to register. Any USDA funding recipient with questions may call 1-800-FED-INFO (1-800-333-4636) or visit USA.gov. More information (PDF) from OMBwatch.org.