Congressional Report Slams TSA For Security Breach - InformationWeek
IoT
IoT
Software // Information Management
News
1/11/2008
03:41 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
RELATED EVENTS
4 Keys to Improving Security Threat Detection
Dec 15, 2016
In this webinar, Ixia will show how to combine the four keys to improving security threat detectio ...Read More>>

Congressional Report Slams TSA For Security Breach

At least 247 travelers submitted their personal information through the unsecured "file your application online" link, a House Oversight committee said.

Hundreds of Americans inappropriately placed on airline security watch lists and either banned from commercial air travel or subject to additional screening have also had to worry about identity theft for the past year. The Transportation Security Administration Web site set up to help innocent travelers clear their name has been deemed "insecure."

A report issued on Friday by the House Oversight and Government Reform Committee says that between October 6, 2006, when the TSA launched its Redress Management System [RMS] site, and February 13, 2007, when the site ceased operation following revelations about its lack of security, "[a]t least 247 travelers submitted their personal information through the unsecured 'file your application online' link."

The report, prepared at the request of Chairman Henry Waxman, accuses the TSA of "poor procurement practices, conflicts of interest, and weak oversight." It finds that the company hired to design the site, Desyne Web Services in Virginia, was awarded a "no-bid" contract, that the TSA official in charge of the site was a former employee of the contractor, and that the TSA did not detect the security issues for months.

The report also states that neither Desyne nor the TSA site's technical lead have been sanctioned for their roles in deploying the insecure site and that the TSA's relationship with Desyne remains ongoing.

The TSA maintains the problems covered in the report have been dealt with. "Each issue that the Committee has raised has been thoroughly addressed by TSA many months ago," said TSA spokesperson Christopher White, adding that the TSA has no reason to believe that any of 247 individuals have been subject to identity theft.

The Department of Homeland Security launched its successor to the RMS, the DHS Traveler Redress Inquiry Program (DHS TRIP), on February 20, 2007. DHS TRIP remains the primary resource for those seeking to correct information in government databases that might hinder their ability to travel.

More than 17,000 travelers have used DHS TRIP safely and securely since it launched, said White.

According to a September 2007 report from the U.S. Department of Justice, that "43% of the names reported to the TSC [Terrorist Screening Center database] are false positives." The TSC database, maintained by the FBI, is the source for names on the government's No-Fly List.

"Well-known false positives include Senator Ted Kennedy, whose name was close to the name of a suspected terrorist, and Catherine Stevens, the wife of Senator Ted Stevens, whose name was similar to 'Cat' Stevens, the former name of the singer Yusuf Islam," the House report says.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll