[Dataloss] US SSA data breach
Henry Brown
hbrown at knology.net
Mon Jun 30 14:09:39 UTC 2008
http://www.fcw.com/online/news/152975-1.html
SSA lists thousands of live persons as dead
The Social Security Administration inadvertently compromised the
personal information of more than 20,000 people by listing them in the
Death Master File (DMF) while they were still alive, the agency's
inspector general has determined.
The IG's analysis dates to January 2004. Since then, SSA has made the
live people's Social Security number, full name, date of birth, and
state and ZIP code of last known residence available to users of the
database, the IG found.
After learning that those people were not deceased, SSA deleted the
information, which limited its spread. However, that had no effect on
the information previously made available to DMF subscribers.
The IG's investigators found some instances where the personal
information was available for free viewing on the Internet, according to
a June 4 IG report.
SSA provides the data to the Commerce Department's National Technical
Information Service (NTIS), which in turn sells it to customers.
Customers include the government, investigative businesses, financial
and credit reporting firms, and geneaology researchers. Some, including
prominent geneaology Web sites, post some or all of the information
online for their users.
[...]
The Social Security Administration IG report
http://www.ssa.gov/oig/ADOBEPDF/A-06-08-18042.pdf
More information about the Dataloss
mailing list