FAA Employee Database Hacked
If you work for or are retired from the Federal Aviation Administration, be on the lookout for fraudulent activity involving your Social Security number. Last week, the FAA's administrative computer server was hacked. Information -- including names and Social Security numbers of 45,000 current workers and retirees -- were stolen.
Last night, Lynne Osmus, the agency's acting administrator, sent the letter below to employees.
Dear Colleagues:
I want to alert you that the Cyber Security Management Center identified some unusual activity from an FAA administrative server last week. An investigation revealed that the server was breached by a hacker.
Most of the 48 breached files were test files used for application development. Two of these files contained names and social security numbers. One of them contained information on more than 45,000 employees and retirees who were on FAA rolls as of the first week of February 2006. Medical information from the hacked files was encrypted and not identifiable.
We are moving swiftly to identify short-term and long-term measures – procedural and technological – to prevent such incidents from recurring. All current and former employees who are affected will receive a letter shortly alerting them to this event.
In addition, we are posting information in the form of FAQs on the employee and public web sites, and we will update that information, via the web and other channels, should the investigation reveal more information. We also are setting up a toll-free hotline to answer employee calls related to this event.
We will continue our efforts to further protect our computer security systems and will keep you informed as the investigation continues.
Lynne Osmus
Acting FAA Administrator
By
Sara Goo
|
February 10, 2009; 4:23 PM ET
| Category:
Computer security
Previous: A Good Government Group Closes Its Doors |
Next: Uproar Over FAA Computer Hacking
Posted by: Mudrock63 | February 10, 2009 5:24 PM | Report abuse
During the failed contract negotiations between NATCA and the FAA, a representative of the FAA was pushing a point to discipline controllers over even minor errors. They made a comment "There are only two reasons a person makes a mistake, either they are incompetent or they did it on purpose." No room for error. So I want to know from the FAA were you incompetent or did you do it on purpose? Either way someone should pay for ignoring this issue after many years of warnings. Oh and by the way......I'm still waiting for my official notification from the FAA about my stolen information. As a retiree, I have to rely on the news agencies, such as this, and my union to be informed. To much time has passed on such a time critical issue.....you know the post office has overnight services......so does FEDEX.....why am I still waiting to hear from the FAA? The extra cost in notifying the workforce via this method pales in comparison to the amount of money that could be lost to the employee, banks, credit card companies, etc. You, the FAA, preaches all the time how they do the right thing even when no one is looking, well we are still waiting for you to do it....do the right thing.
Posted by: towerflower1 | February 11, 2009 1:30 AM | Report abuse
The comments to this entry are closed.
So now, for the rest of my life, I have to worry about my name and SSN# circling the globe, ripe for use by any two-bit identity theft hooligan. Thanks, FAA. How about for once, just once, someone at the Puzzle Palace....aka FAA Headquarters....be held accountable for their negligence and incompetence. Ventris Gibson would be a good place to start.