It's the latest of the high magnitude data breach cases of United States, and the Federal Aviation Administration (FAA) is the victim in the case.
On Monday, the FAA notified its employees that the agency computer server that was used to keep employee records was hacked last week. The FAA reported that hackers obtained illegal access to the names and Social Security numbers of its more than 45,000 employees and retirees.
According to the agency, 48 files on the agency computer server, including the two files containing personal information of the employees since February 2006, were hacked by hackers. The affected server was not connected to the agency's air-traffic control system or other agency operations.
In a statement, FAA said, "All affected employees will receive individual letters to notify them about the breach. The FAA is moving quickly to prevent similar incidents and has identified immediate steps as well as longer-term measures to further protect personal information. The agency is also providing a toll-free number and information on the employee web site for those who believe they may be affected by the breach."
"The server that was accessed was not connected to the operation of the air traffic control system or any other FAA operational system, and the FAA has no indication those systems have been compromised in any way. Appropriate law enforcement agencies have been notified and are investigating the data theft," said the FAA's statement.
However, it's unknown when the data breach took place and when the FAA first came to know about it. The data theft is being investigated by the Law enforcement authorities and the agency offering full cooperation.
According to Doug Church, a spokesman for the National Air Traffic Controllers Association, the FAA's data theft will affect "several thousand, may be 2,000 of FAA present and former employees in the Atlanta area". Church said, "This would impact pretty much everyone in Atlanta, including the headquarters, TRACON, the (Hartsfield-Jackson) Tower and Hampton."
In a statement, NATCA President Patrick Forrey said, "The FAA was reckless and negligent in the creation of its electronic personnel file system and then showed a blatant disregard for its employees' interests by refusing to listen to our concerns about the security of the electronic information or meet with NATCA to bargain over the impact and implementation of electronic security and files."
Latest News
|
|
|
|
|
|
|
|
|
|
|
|
Breaches due to a lagging business culture
Most companies enjoy “security” insofar as they haven’t been targeted, or had an employee make a human error with catastrophic exposure.
Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and thefts are due to a lagging business culture – absent new eCulture, breaches will, and continue to, increase.
For example: Microsoft patched for the worm affecting Heartland 4 months ago.
As CIO, I’m constantly seeking things that work, in hopes that good ideas make their way back to me - check your local library: A book that is required reading is "I.T. WARS: Managing the Business-Technology Weave in the New Millennium."