http://www.washingtonpost.com/wp-dyn/content/article/2006/08/09/AR2006080901177.html By Christopher Lee and Del Quentin Wilber Washington Post Staff Writers August 9, 2006 A laptop computer belonging to the federal Department of Transportation inspector general's office was stolen last month, putting the sensitive personal information of nearly 133,000 Florida residents at risk, Acting Inspector General Todd J. Zinser said today. The laptop, assigned to a special agent in the Miami office, was stolen from a government vehicle on July 27 in Doral, Fla., Zinser told Florida Gov. Jeb Bush (R) today in a letter obtained by The Washington Post. The computer contains the names, Social Security numbers, birthdates and addresses of 42,792 Florida residents who hold a pilot's license; 80,667 people in the Miami-Dade County area who hold commercial driver's licenses; 9,496 people who took personal driver's license tests or obtained their license from an examining facility near Tampa, the letter said. "While we do not have reason to believe that the perpetrators targeted the laptop based on any knowledge of its data contents, we are nonetheless taking all possible steps to inform Florida residents," Zinser wrote. "We will be working with members of Congress, federal agencies, state and local agencies, the news media, and trucking and aviation organizations to further ensure that the individuals are aware of the situation and of the steps they may take to protect themselves from misuse of their personal information." Zinser wrote that a team of special agents has been dispatched to the Miami area to work with Miami-Dade police in investigating what happened to the laptop. A reward will be offered for its return, he wrote. "We regret this matter and take our responsibilities seriously," Zinser wrote. "We have taken action and will continue to take steps necessary to prevent this from happening again." The department has posted information about the data breach, including a toll free number for the public to call, on its Web site The theft is just the latest in a string of embarrassing data breaches reported by a wide variety of federal agencies. The highest profile incident of its kind was a May 3 burglary at the home of a Department of Veterans Affairs data analyst. Thieves made off with a laptop and external hard drive containing the names, birthdates, and Social Security numbers of as many as 26.5 million veterans and active duty service members, raising fears of mass identity theft. The computer equipment was later recovered and two men were arrested and charged with the burglary last week. Authorities do not believe the sensitive data had been accessed. The department took a public relations hit for its handling of the incident, including a nearly three week delay in disclosing the theft to Congress and the public. The bad news has kept coming at the Department of Veterans Affairs. The department announced yesterday that a desktop computer containing sensitive personal information for as many as 38,000 patients at VA hospitals in Pennsylvania had gone missing from a VA contractor's Reston office. Some of the data breaches are new, and some are merely newly disclosed as the high-profile VA case pressured agency officials to come clean about security lapses. In recent weeks, data breaches involving hundreds to thousands of people have been disclosed at the Department of Agriculture, the Department of Energy, the Department of the Navy, the Social Security Administration and the Internal Revenue Service. An Office of Management and Budget official testified in early June that federal agencies experience dozens of smaller-scale information security breaches every year, often involving government issued laptops that are lost or stolen while on business travel or when taken home. Chris Dancy, a spokesman for the Aircraft Owners and Pilots Association, said that the Florida theft concerned his group, which represents more than 400,000 pilots. "Exactly in the same way that the loss of the VA computer caused concerns for members of the military and veterans, we are very concerned anytime there is the possibility of identity theft involving our members or airmen in general," he said. Zinser wrote that he learned of the laptop theft on July 31, but was unaware that the computer contained sensitive personal information on Florida residents until Saturday, when the IG's office began investigating exactly what was in the laptop and dispatched its agents to Florida. He did not notify Florida lawmakers or the governor until today, after the Washington Post called the IG's office to inquire about a tip about the theft. In 2005, the Department of Transportation earned a C-minus on the annual federal computer security report card compiled by the House Government Reform Committee. The government-wide average for 2005 was a D-plus, but there were wide variations -- the Social Security Administration got an A-plus, while the departments of Defense and Homeland Security earned F's. The report card measures compliance with the 2002 Federal Information Security Management Act, which requires agencies to test their systems, develop cyber-security plans and report on their progress. 2006 The Washington Post Company _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Wed Aug 09 2006 - 22:40:16 PDT