Legal help for data breach compensation claims

When 246,000 U.S. Department of Homeland Security Employees’ details are found on a home computer, it’s time to question data security

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

The U.S. reported a discovery of 246,000 sensitive personal records belonging to Department of Homeland Security (DHS) employees on a home computer owned by an employee. The department and its employees have a vital mission to “secure the nation from the many threats” the U.S faces.

One can only wonder if they ever suspect their own colleague to be a major security threat to their personal lives…

This, let’s face it, is the kind of thing we do not want to hear about. Although this story hails from across the pond, we’ve had our own issues of a similar nature of course. The Heathrow USB stick incident springs to mind.

The Homeland Security data breach included personal details such as:

  • Names
  • Social security numbers
  • Dates of birth

That can be enough to commit some form of fraud, but we should also address the fact that knowledge of employee identities in the hands of an enemy of America could be very dangerous indeed. Even small pieces of information can go a long way in doing damage.

A report detailing the breach and the consequent investigations was relayed to key members of Congress by DHS Inspector General John Roth. Roth explained that, during the investigation, the computer server also contained a copy of 159,000 case files from the inspector general’s investigative case management system.

The breach was discovered and reported to the DHS on 11th May 2017. On 21st August the Deputy Secretary of Homeland Security Elaine Duke notified affected employees; a delay that was possibly due to concerns over national safety.

Roth’s report notes state that, after notifying the data subjects, “all potentially affected individuals will be offered an 18-month subscription to credit monitoring services.”

Officials from the Office of Inspector General (OIG) stated that “DHS is coordinating notice to the affected individuals and we are working closely with DHA to accomplish this.” The OIG acts as an internal watchdog and will hopefully review how the employee(s) managed to access so much information at home. To say that this is the department entrusted with the security of one of the most powerful countries on earth, you would think they would have super strict security protocols preventing anyone from working at home or risk so much confidential information.

According to an official statement, the responsible employee is no longer on the Office of Inspector General’s payroll. Some sources are saying that three insiders stole the computer server in order to develop “proprietary software for managing investigative and disciplinary cases,” to be sold to the other IG offices.

Only last year, 9,000 DHS employees had their personal data dumped online by a hacker. A criminal hacker reportedly breached the Department of Justice’s security walls and stole 200GB of information and threatened to leak 20,000 records belonging to FBI employees.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Author on February 22, 2018
Posted in the following categories: Data Security and tagged with | | |

South African data breach compromises 30 million personal records
NHS outsourcing and the dangers of data breaches