Friday, October 14, 2011

Here We go gain ... AGAIN!

Here is the news from the Seattle Post.

"The Social Security Administration has failed to inform tens of thousands of Americans it accidentally released their names, dates of birth and Social Security numbers in an electronic database widely used by U.S. business groups.

The federal agency has kept silent about a potentially harmful security breach of the personal data of about 14,000 people each year, ignoring recommended reporting guidelines for such confidentiality breaches and violating the intent, at least, of the U.S. Privacy Act, which protects personal information of private citizens."

Unlike private companies and most states (all but four) where data breaches such as this must be immediately reported the SS Administration apparently felt they were exempted.

The breach occurred with a Social Security service called "Death Master File" which supposedly lists the names of deceased Americans.

The Republic of Columbus Ohio reported on October 13, 2011 that "The names of 31,931 living Americans discovered in a Scripps Howard News Service review of three copies of the Death Master File. These files, which are available for purchase from many sources on the Internet, contained their Social Security numbers and birthdates -- critical information needed by identity thieves.

"That's just not supposed to be public information -- especially not my Social Security number," Jared said. "This needs to be corrected."

Reporters at newspapers and television stations owned by the E.W. Scripps Co. interviewed dozens of people nationwide who have suffered security breaches because of what Social Security officials have called "inadvertent keying errors" by federal workers when entering what was supposed to be information only about dead people. None reported the federal agency warned them about the breach of their confidential information.

Most of those erroneously listed as dead who were contacted for this story said they only found out about the agency's mistakes when they suffered adverse events like frozen bank accounts, cancelled cell phones, refused job interviews, declined credit card applications, denied apartment leases or refused mortgage and student-assistance loans."

How reassuring! The SS Administration is killing off living people because the idiots at SS can't type information in properly?! Our education system and SS training seems to need an upgrade!

Not only did they key in living people as dead but the idea of making that information public is troubling because even dead people can be used to create false identities.

The Republic also notes, "The government's silence about the Social Security breach apparently violates a 2007 directive from the Office of Management and Budget ordering every agency to develop a breach notification policy when the confidentiality of personal data has been compromised.

"Notification of those affected -- and the public -- allows those individuals the opportunity to take steps to help protect themselves from the consequences of the breach," the OMB directive said. "Such notification is also consistent with the 'openness principle' of the Privacy Act that calls for agencies to inform individuals about how their information is being accessed and used, and may help individuals mitigate the potential harms resulting from a breach."

We checked the Social Security Administration web site and there was NOTHING about this to be found anywhere. It was just business as normal on that web page. Guess they don't want to frighten people.

Labels: , ,


Post a Comment

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft -