Share

Top 5 Stories

News

Senator wants more info on data breach at federal government's retirement plan

31 May 2012

Sen. Susan Collins (R-Me.) is asking the Thrift Savings Plan (TSP), the federal government’s retirement savings plan, for more details about a data breach that exposed the social security numbers and other personal information on more than 123,000 TSP account holders.

The TSP disclosed last week that a hacker in July 2011 gained access to social security numbers and other personal information of 123,201 TSP participants and payees located on a computer belonging to Serco, a third party service provider used to support the plan.

In April 2012, the Federal Retirement Thrift Investment Board (FRTIB) and Serco were informed of the breach by the FBI. The TSP was informed immediately about the breach by Serco.

The FRTIB stressed that there is “no indication that any of these data have been misused.” Notification letters were sent to those affected by the breach.

Sen. Collins, who is the highest ranking Republican on the Senate Homeland Security and Government Affairs Committee and an author of the Cybersecurity Act, sent a letter to the TSP asking for an explanation of why it took so long to notify Congress and TSP participants about the breach, according to a report by the Washington Post. “I want to assess the process and timeframe whereby this attack was discovered and addressed”, Collins said in the letter.

A TSP spokeswoman told the newspaper that the TSP needed time to analyze the information provided by the FBI and match it against TSP accounts to determine who was affected by the breach. The FBI has declined to comment on when the breach was detected, noted the report.

The analysis revealed that the names, addresses, and social security numbers, and in some cases bank account and routing numbers, of 43,587 individuals were accessed, and the social security numbers and some TSP-related information of another 79,614 individuals were taken by the hacker.

This article is featured in:
Data Loss  •  Internet and Network Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×