Collins calls GSA on carpet for personal data snafu

Collins calls GSA on carpet for personal data snafu

In letters sent late yesterday to the General Services Administration and Bank of America Corp., Sen. Susan Collins expressed outrage that neither the agency nor the bank had chosen to inform federal employees in December that their personal information might be at risk.

Last week, the bank and GSA acknowledged that in December data tapes containing personal information about federal employees had gone missing. Bank of America also last week sent letters to current and former feds whose information is missing and set up a toll-free number for agency employees to voice concerns.

The bank uses the data'which included names, Social Security numbers and account information for 1.2 million federal employees 'for its federal credit card programs.

'I am perplexed as to why federal employees were not notified that their identifying information had been compromised until two months after the fact,' the Maine Republican said in her letter to GSA administrator Stephen A. Perry. 'And I am disturbed that we still do not know whether the tapes were accidentally lost or deliberately stolen.'

Collins, chairwoman of the Senate Homeland Security and Governmental Affairs Committee, said she wants Bank of America and GSA to detail what action they will take to ensure that federal employees' personal data is secure.

In her letter to Bank of America CEO Kenneth D. Lewis, Collins asked that the bank answer three questions:

  • What is the bank's policy for transporting its clients' personal data?

  • What has the bank done to mitigate the possible damage caused by the release of government employees' information?

  • What will the bank do to ensure that such information is better protected in the future?

Alexandra Trower, a Bank of America spokeswoman, said, 'There has been no evidence that the tapes or the content has been accessed or misused, and we are presuming the tapes to be lost at this point.'

Sources said the company initially lost four of 15 tapes but found two of them. Trower would not confirm the exact number of missing tapes.

The tapes contain personal information on employees from 30 agencies, including the Senate, that use GSA's SmartPay program, sources said.

'In the hands of the wrong people, this could easily be used for identity theft,' said one source who requested anonymity.

Company investigators notified the Secret Service when they realized the tapes were missing, and the two groups conducted an investigation.

'We had been in a quiet period during the investigation and just received approval from law enforcement officials to contact the federal employees who are affected,' Trower said. 'This has never happened before, and we will continue to monitor our customers' accounts.'

Besides backup processing, Bank of America uses tapes to archive account information and stores the tapes in an undisclosed location, said Barbara Desoer, head of global technology service and fulfillment for the company.

'Anytime anything like this happens, it is with regret,' Desoer said. 'We are very concerned when anything happens that puts our customers' privacy and security in jeopardy.'

Sources said data on the tapes could not be easily accessed because hackers would need specific equipment, expertise and software to retrieve the fragmented data.

GSA, which runs the charge card program, estimated there are 440,000 purchase cards and 1.9 million travel cards in circulation. In fiscal 2004, government employees charged $17 billion worth of goods and services and $6.7 billion in travel, GSA said.

Bank of America is one of five federal charge card providers.

(Posted 4:32 p.m. Feb. 25; updated 3:09 p.m. Feb. 28 and 8:20 a.m. March 2)

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.