[ISN] Navy took more than a year to announce personal data breach

From: InfoSec News <alerts_at_private>
Date: Tue, 6 Apr 2010 01:48:30 -0500 (CDT)

By Federal Diary
April 2, 2010

In case of danger or a natural disaster, the U.S. Navy can rapidly 
dispatch troops, fighter jets or relief supplies to troubled areas 
around the world.

So why did it take the Navy 17 months to inform employees at the Naval 
Facilities Engineering Service Center in Port Hueneme, Calif., that 
their Social Security numbers had been inadvertently released?

The information was sent in May 2008 to three other employees whose 
security access had been suspended for reasons unrelated to the 
information breach.

E-mails obtained by The Washington Post indicate that Navy officials 
quickly realized employees should be informed. But that was not done 
until October 2009. The names of those sending and receiving the 
messages were blocked out, but their offices, and in some cases their 
positions, were not.


Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
Received on Mon Apr 05 2010 - 23:48:30 PDT

This archive was generated by hypermail 2.2.0 : Mon Apr 05 2010 - 23:56:42 PDT