USDA has data breach
- By Jason Miller
- Apr 23, 2007
The Agriculture Department announced Friday it has publicly exposed the personal information of up to 63,000 citizens.
A USDA loan recipient April 13 notified OMB Watch that her social security and tax identification numbers were intertwined with a longer data set in their fedspending.org database. OMB Watch notified the agency, which pulled down the data that day.
On Friday, USDA admitted in a statement
that private information of 63,000 individual was accessible through agency Web sites. The people were awarded funds through the Farm Service Agency or USDA Rural Development program.
'The data in question appears in the Federal Assistance Award Data System (FAADS), which is a government database of all federally provided financial assistance' excluding procurement, OMB Watch said in a statement. 'This gross negligence on the part of the federal government is unacceptable.'
This is Agriculture's second potential data breach since June when it discovered someone attempted to hack into one of their systems and potentially exposed the personal data of 26,000 current and retired employees and contractors.
In response to this latest breach, Agriculture spokeswoman Terri Teuber said the data in the Farm Service Agency and Rural Development databases have been scrubbed, and the chief information officer's team is doing the same thing for all agency databases.
'The database in question has been regenerated with a new identification number for all data that has been entered in the last 10 years,' Teuber said. 'We are working very quickly.'
Teuber added that after the June breach USDA Secretary Mike Johanns directed all programs to ensure social security numbers were not being exposed.
'We didn't catch this situation because the private data was embedded in other data,' she said. 'Another factor that complicated it was not all the entries contained private data. It is a small percentage that was exposed.'
Teuber would not say exactly how many citizens had their data exposed, but the agency is narrowing down the entries.
USDA is offering free credit monitoring services to all citizens whose information may have been exposed through the USA.gov Web site. It will cost the agency about $4 million, Teuber said.
Agriculture also will send out letters by registered mail by Monday to all those affected, she added.
'Part of the challenge is matching entries from the affected database to the agency database that contain the citizens' addresses,' Teuber said.
She added no instances of identify fraud has been reported.