USDA has data breach

The Agriculture Department announced Friday it has publicly exposed the personal information of up to 63,000 citizens.

A USDA loan recipient April 13 notified OMB Watch that her social security and tax identification numbers were intertwined with a longer data set in their database. OMB Watch notified the agency, which pulled down the data that day.

On Friday, USDA admitted in a statement that private information of 63,000 individual was accessible through agency Web sites. The people were awarded funds through the Farm Service Agency or USDA Rural Development program.

'The data in question appears in the Federal Assistance Award Data System (FAADS), which is a government database of all federally provided financial assistance' excluding procurement, OMB Watch said in a statement. 'This gross negligence on the part of the federal government is unacceptable.'

This is Agriculture's second potential data breach since June when it discovered someone attempted to hack into one of their systems and potentially exposed the personal data of 26,000 current and retired employees and contractors.

In response to this latest breach, Agriculture spokeswoman Terri Teuber said the data in the Farm Service Agency and Rural Development databases have been scrubbed, and the chief information officer's team is doing the same thing for all agency databases.

'The database in question has been regenerated with a new identification number for all data that has been entered in the last 10 years,' Teuber said. 'We are working very quickly.'

Teuber added that after the June breach USDA Secretary Mike Johanns directed all programs to ensure social security numbers were not being exposed.

'We didn't catch this situation because the private data was embedded in other data,' she said. 'Another factor that complicated it was not all the entries contained private data. It is a small percentage that was exposed.'

Teuber would not say exactly how many citizens had their data exposed, but the agency is narrowing down the entries.

USDA is offering free credit monitoring services to all citizens whose information may have been exposed through the Web site. It will cost the agency about $4 million, Teuber said.

Agriculture also will send out letters by registered mail by Monday to all those affected, she added.

'Part of the challenge is matching entries from the affected database to the agency database that contain the citizens' addresses,' Teuber said.

She added no instances of identify fraud has been reported.

inside gcn

  • artificial intelligence (ktsdesign/

    Machine learning with limited data

Reader Comments

Sun, Jan 2, 2011 Maine

It is now January 2011 and my full name and my loan/s amounts are still accessible to anyone who wants to look up my personal loan information with the USDA. It's both humiliating and still a breach of my privacy. I am waiting to hear from my congressman and the local USDA on the matter. I am a private citizen not a business. I had a low interest home repair loan. But the fedspending site has it listed to the public as Federal Assistance. They were loans, not assistance. Revealing my loan information to the emtire planet is wrong. Poorer people cannot afford lawyers to protect their who is correcting this ongoing sharing of personal names?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group