John Edwards on September 4, 2007
A report released late last year by the House Committee on Government Reform paints a frightening picture of the lackadaisical approach many government agencies and employees take toward sensitive data. The report, which detailed every data breach the government has suffered since the beginning of 2003, listed 788 incidents of data loss or theft, including taxpayer names, addresses, Social Security numbers, nuclear secrets and various other bits of vital information.
Some highlights:
As if all of these incidents weren't enough, even more frightening is the fact that the government continues to misplace critical data. In late May, according to a Newsweek magazine report, a staffer at the Los Alamos Nuclear Laboratory took his lab laptop — which contained sensitive government documents — on a vacation to Ireland. The system was stolen from a hotel room and has not yet been recovered. The following month, a Los Alamos scientist involved in weapons-design research sent an email to colleagues at a Nevada nuclear test site. The message, containing highly classified material, was transmitted over the open Internet rather than through the secure defense network, according to Newsweek magazine.
Even more recent: Over the past few months, a huge identity-theft hack lifted the personal information of 146,000 people who use USAJobs, the federal government's official job search site. This was part of an even larger hack that stole even more data from the jobs site Monster. Unlike the Monster part of the hack, it seems that no Social Security numbers were taken in the USAJobs hack.
If these incidents disturb you and make you wonder if the government can be trusted with data any more sensitive than a Philadelphia Eagles football schedule, you're not alone. "Data held by federal agencies remains at risk," noted the House Committee's report. "In many cases, agencies do not know what information they have, who has access to the information and what devices containing information have been lost, stolen or misplaced."
Top 10 U.S. Government Web Break-ins of All Time
IT Security Email Security Comparison Guide
Personal Firewalls: Boon or Bane to IT?
Definitive Guide to Network Security