USDA Admits Exposing 26 Years Of Social Security Numbers
As many as 150,000 people have had their ID numbers exposed from an online database, one savvy farmer discovered.
The Social Security numbers of about 150,000 people may be at risk for identity theft after it was discovered that a government agency has exposed the personal identifying information on farmers and others for the last 26 years.
The U.S. Department of Agriculture announced Friday that it had inadvertently exposed online sensitive information, such as names and Social Security numbers, in a publicly available database. The database has existed since 1981 and the information has been exposed ever since it was put online, according to Terri Teuber, director of communications for the USDA.
Teuber said in an interview with InformationWeek that she's not sure when the database went online.
At the moment, the database contains information on 47,000 people who receive USDA funding from the Farm Services Agency and the USDA Rural Development agency, according to an advisory. USDA has identified between 105,000 and 150,000 individuals whose private information has been entered into the federal database at some time during the past 26 years.
The Department of Agriculture is notifying all of them about the exposure and is offering them one year of free credit monitoring.
Teuber said no one in the agency realized that the identifying information was in the publicly available database. "It's been downloaded thousands of times," she said. "It's been available for anyone to download. It's out there."
She added that different organizations actually downloaded the database and then featured it on their own Web sites. OBM Watch, a nonprofit organization that keeps an eye on government spending, had the database up on its Web site, but it has been taken down.
"This gross negligence on the part of the federal government is unacceptable," Gary D. Bass, executive director of OMB Watch, said in a written statement. "What appears to be a longstanding violation of federal law needs to be fixed without delay to protect the privacy rights of our citizens, and new identifiers need to be immediately generated to replace the current data to maintain the public's ability to track and review the government's spending of tax dollars. This fix is not technically difficult to accomplish and should be done immediately."
Teuber said the agency became aware of the data breach on April 13 after a farmer was researching the name of her farm on the Internet and stumbled upon the information. The woman is a recipient of USDA funding. Teuber said the identifying information was removed the day the woman called to notify the department.
Any USDA funding recipients who want to take advantage of the free credit monitoring can go to the USA.gov Web site.
The Agile ArchiveWhen it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
2014 Analytics, BI, and Information Management SurveyITís tried for years to simplify data analytics and business intelligence efforts. Have visual analysis tools and Hadoop and NoSQL databases helped? Respondents to our 2014 InformationWeek Analytics, Business Intelligence, and Information Management Survey have a mixed outlook.
Top IT Trends to Watch in Financial ServicesIT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Join us for a roundup of the top stories on InformationWeek.com for the week of September 18, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."