[Dataloss] OT? US Gov cyber insecurity incidents
Al Mac
macwheel99 at sigecom.net
Tue May 8 04:07:53 UTC 2007
Here's the report card (PDF) that The House Committee on Oversight and
Government Reform issues each year on cyber security at various government
agencies.
http://republicans.oversight.house.gov/Media/PDFs/FY06FISMA.pdf
In the wake of the VA incident, The House Committee on Oversight and
Government Reform asked all federal agencies for details on any other
incidents involving loss of personal sensitive information. They learned
about 788 incidents Jan 2003-July 2006. By my math, that's more than one
every other day on average.
I saw an article about this & went hunting for original source (url below).
Well looks like this data was gathered about a year ago, but then in some
cases more info came out that showed the data was incomplete.
Every federal angency has computer security breaches.
They do not always know what data has been lost.
The vast majority of the breaches are the loss of hardware, such as theft
of laptops.
Many of the breaches are by private contractors.
Dept of Agriculture 8 incidents
Dept of Commerce 297 incidents
Dept of Defence 43 incidents
Dept of Education 41 incidents
Dept of Energy 7 incidents
Dept of Health & Human Services 24 incidents
Dept of Homeland Security 6 incidents but the committee continues to ask
hard questions
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=36&rss=Y#sID202
Dept of Housing and Urban Development 1 incident
Dept of Interior 8 incidents
Dept of Justice 2 incidents
Dept of Labor 3 incidents
Dept of State 1 incident but got grade F for cyber security from House
Commitee on Oversight etc.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1251763,00.html
Dept of Transportation 1 incident ... a subsequent FOIA inquiry found out a
ton of other incidents
Dept of Treasury 340 incidents
Dept of Veteran Affairs ... hundreds of incidents
Office of Personnel Management 3 incidents
Social Security Administration 3 incidents
example incidents are given on each agency
http://209.85.165.104/search?q=cache:etHfNZnxgEUJ:oversight.house.gov/Documents/20061013145352-82231.pdf+Oversight+Reform+compromise+sensitive&hl=en&ct=clnk&cd=2&gl=us
Systemic failure at the White House protecting classified information..
http://oversight.house.gov/story.asp?ID=1264
More information about the Dataloss
mailing list