TSA Screws Former Employees

This screwing was assisted by Accenture. It seems that some standard documents that contained the socials, birthdates and other personally identifiable information, were emailed, apparently without any encryption, to the wrong recipient.

Duh.

From the UPI here:

TSA sends personal info to wrong addresses

WASHINGTON, Sept. 6 (UPI) — The Transportation Security Administration says the personal data of 1,195 former employees may have been e-mailed to the wrong addresses by a contractor.

The TSA, which is part of the Homeland Security Department, has told former employees their Social Security numbers and birth dates may have been mailed in error by Accenture, raising the possibility of identity fraud, USA Today reported Wednesday. Accenture handles TSA personnel.

TSA spokeswoman Amy von Walter said the breach was “an administrative error, and the contractor has taken steps to ensure it’s not repeated.”

Richard Whitford, TSA assistant administrator for human capital, said in a letter the error concerned standard documents sent to employees who leave government positions. They contained the Social Security numbers, birth dates and salaries of their intended recipients.

The mix-up has raised the ire of some privacy advocates. Beth Givens, director of the Privacy Rights Clearinghouse, said: “making a mistake like this is abominable.”

The article failed to mention anything about the use of encryption. Standard email is transmitted across the internet in clear text and can be intercepted at each hop along the way. This type of information should never be sent to anyone in clear text.