USDA Admits Exposing 26 Years Of Social Security Numbers - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management

USDA Admits Exposing 26 Years Of Social Security Numbers

As many as 150,000 people have had their ID numbers exposed from an online database, one savvy farmer discovered.

The Social Security numbers of about 150,000 people may be at risk for identity theft after it was discovered that a government agency has exposed the personal identifying information on farmers and others for the last 26 years.

The U.S. Department of Agriculture announced Friday that it had inadvertently exposed online sensitive information, such as names and Social Security numbers, in a publicly available database. The database has existed since 1981 and the information has been exposed ever since it was put online, according to Terri Teuber, director of communications for the USDA.

Teuber said in an interview with InformationWeek that she's not sure when the database went online.

At the moment, the database contains information on 47,000 people who receive USDA funding from the Farm Services Agency and the USDA Rural Development agency, according to an advisory. USDA has identified between 105,000 and 150,000 individuals whose private information has been entered into the federal database at some time during the past 26 years.

The Department of Agriculture is notifying all of them about the exposure and is offering them one year of free credit monitoring.

Teuber said no one in the agency realized that the identifying information was in the publicly available database. "It's been downloaded thousands of times," she said. "It's been available for anyone to download. It's out there."

She added that different organizations actually downloaded the database and then featured it on their own Web sites. OBM Watch, a nonprofit organization that keeps an eye on government spending, had the database up on its Web site, but it has been taken down.

"This gross negligence on the part of the federal government is unacceptable," Gary D. Bass, executive director of OMB Watch, said in a written statement. "What appears to be a longstanding violation of federal law needs to be fixed without delay to protect the privacy rights of our citizens, and new identifiers need to be immediately generated to replace the current data to maintain the public's ability to track and review the government's spending of tax dollars. This fix is not technically difficult to accomplish and should be done immediately."

Teuber said the agency became aware of the data breach on April 13 after a farmer was researching the name of her farm on the Internet and stumbled upon the information. The woman is a recipient of USDA funding. Teuber said the identifying information was removed the day the woman called to notify the department.

Any USDA funding recipients who want to take advantage of the free credit monitoring can go to the USA.gov Web site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Gartner Forecast Sees 7.3% Shrinkage in IT Spending for 2020
Joao-Pierre S. Ruth, Senior Writer,  7/15/2020
Slideshows
10 Ways AI Is Transforming Enterprise Software
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/13/2020
Commentary
IT Career Paths You May Not Have Considered
Lisa Morgan, Freelance Writer,  6/30/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll