Reading:
When 246,000 U.S. Department of Homeland Security Employees’ details are found on a home computer, it’s time to question data security
Share:
homeland security data breach

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

When 246,000 U.S. Department of Homeland Security Employees’ details are found on a home computer, it’s time to question data security

The U.S. reported a discovery of 246,000 sensitive personal records belonging to Department of Homeland Security (DHS) employees on a home computer owned by an employee. The department and its employees have a vital mission to “secure the nation from the many threats” the U.S faces.

One can only wonder if they ever suspect their own colleague to be a major security threat to their personal lives…

This, let’s face it, is the kind of thing we do not want to hear about. Although this story hails from across the pond, we’ve had our own issues of a similar nature of course. The Heathrow USB stick incident springs to mind.

The Homeland Security data breach included personal details such as:

  • Names
  • Social security numbers
  • Dates of birth

That can be enough to commit some form of fraud, but we should also address the fact that knowledge of employee identities in the hands of an enemy of America could be very dangerous indeed. Even small pieces of information can go a long way in doing damage.

A report detailing the breach and the consequent investigations was relayed to key members of Congress by DHS Inspector General John Roth. Roth explained that, during the investigation, the computer server also contained a copy of 159,000 case files from the inspector general’s investigative case management system.

The breach was discovered and reported to the DHS on 11th May 2017. On 21st August the Deputy Secretary of Homeland Security Elaine Duke notified affected employees; a delay that was possibly due to concerns over national safety.

Roth’s report notes state that, after notifying the data subjects, “all potentially affected individuals will be offered an 18-month subscription to credit monitoring services.”

Officials from the Office of Inspector General (OIG) stated that “DHS is coordinating notice to the affected individuals and we are working closely with DHA to accomplish this.” The OIG acts as an internal watchdog and will hopefully review how the employee(s) managed to access so much information at home. To say that this is the department entrusted with the security of one of the most powerful countries on earth, you would think they would have super strict security protocols preventing anyone from working at home or risk so much confidential information.

According to an official statement, the responsible employee is no longer on the Office of Inspector General’s payroll. Some sources are saying that three insiders stole the computer server in order to develop “proprietary software for managing investigative and disciplinary cases,” to be sold to the other IG offices.

Only last year, 9,000 DHS employees had their personal data dumped online by a hacker. A criminal hacker reportedly breached the Department of Justice’s security walls and stole 200GB of information and threatened to leak 20,000 records belonging to FBI employees.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon