[Dataloss] US SSA data breach

Henry Brown hbrown at knology.net
Mon Jun 30 14:09:39 UTC 2008


http://www.fcw.com/online/news/152975-1.html

SSA lists thousands of live persons as dead

The Social Security Administration inadvertently compromised the 
personal information of more than 20,000 people by listing them in the 
Death Master File (DMF) while they were still alive, the agency's 
inspector general has determined.

The IG's analysis dates to January 2004. Since then, SSA has made the 
live people's Social Security number, full name, date of birth, and 
state and ZIP code of last known residence available to users of the 
database, the IG found.

After learning that those people were not deceased, SSA deleted the 
information, which limited its spread. However, that had no effect on 
the information previously made available to DMF subscribers.

The IG's investigators found some instances where the personal 
information was available for free viewing on the Internet, according to 
a June 4 IG report.

SSA provides the data to the Commerce Department's National Technical 
Information Service (NTIS), which in turn sells it to customers. 
Customers include the government, investigative businesses, financial 
and credit reporting firms, and geneaology researchers. Some, including 
prominent geneaology Web sites, post some or all of the information 
online for their users.

[...]

The Social Security Administration IG report
http://www.ssa.gov/oig/ADOBEPDF/A-06-08-18042.pdf



More information about the Dataloss mailing list