GSA employee's error exposes entire staff to potential identity theft

Agency is offering one year of insurance

An employee at the General Services Administration e-mailed the names and Social Security numbers of the agency’s entire staff to a private e-mail address, leaving GSA workers exposed to potential identity theft, according to published reports.

GSA sent a letter alerting its 12,000 employees in late October, about a month after discovering the breach in September -- and nearly six weeks after it had happened, reported Ashley Southall in a Nov. 6 article in the New York Times. GSA had alerted them earlier via e-mail, but some agency employees told Southall that they often ignored these alerts due to the high volume of alerts they receive.

Previous GCN coverage has shown that e-mail remains the top source for data breaches, according to a survey released by Proofpoint, an e-mail security and data loss prevention company, and conducted by Osterman Research. The biggest data threats come from inside a company, often as a result of accidents or carelessness by employees, according to a survey by Forrester Research.

GSA informed employees that the worker had sent the file accidentally and that it had not been forwarded. GSA technicians removed the information from the recipient’s computer and e-mail, the Times reported.

In the letter, signed by GSA’s CIO Casey Coleman and Gail Lovelace, the agency’s privacy official, GSA provided employees with $25,000 in identity theft insurance coverage and credit monitoring for a year in response to the incident.

GSA’s Inspector General Brian Miller is investigating the incident, the Times reported.

Employees could still be vulnerable after a year and the delay in notifying employees puts them at greater risk, said Jack Hanley, who leads a council representing approximately 4,000 GSA employees who are members of the National Federation of Federal Employees Union, according to the Times.

About the Author

Kathleen Hickey is a freelance writer for GCN.

Featured

  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected