DHS employees' info possibly compromised due to system flaw
Posted on 23 May 2013.
U.S. Department of Homeland Security employees have begun receiving notifications about a vulnerability that has inadvertently made their personal information potentially accessible to unauthorized parties.

The flaw was apparently found in the software used by a DHS vendor to process personnel security investigations and has been immediately addressed.

There is no evidence that the information contained in the system - names, social security numbers, date of birth - were actually stolen or accesses at all, but potentially affected employees, contractors, inactive applicants, and former employees and contractors will be notified of the increased risk of identity theft they might face and the steps they can take to minimize it.

"DHS is evaluating all legal options and is engaged with the vendor’s leadership to pursue all costs incurred mitigating the damages," the notice says, but doesn't say which vendor it was.

The vulnerability was first discovered by a law enforcement partner who then notified the DHS.

"DHS believes that employees who submitted background investigation information, and individuals who received a DHS clearance, between July 2009 and May 2013, primarily for positions at DHS HQ, Customs and Border Protection (CBP), and Immigration and Customs Enforcement (ICE), may be affected," the notice says, then adds that other information provided in the standard security questionnaire was not accessible.









Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //