BofA loss raises tape questions

The common practice of shipping backup tapes to remote sites may be reviewed in light of Bank of America's loss of computer tapes with personal financial information on more than 1 million federal employees.

The loss, which Bank of America officials made public Feb. 25, affected about 1.2 million federal employees who use Bank of America purchasing cards issued through the General Services Administration's SmartPay program, according to bank officials. It is unclear whether the tapes were lost or stolen.

Staff members for Sen. Susan Collins (R-Maine), chairwoman of the Senate Homeland Security and Governmental Affairs Committee, confirmed today that the senator will send a letter to General Services Administration and Bank of America officials asking how they intend to protect the identity and privacy of federal card holders.

Federal Computer Week was unable to reach Bank of America officials for comment. Bank of America is one of five banks that hold contracts with GSA for federal purchasing cards that streamline the process of buying and paying for goods and services, including travel.

The contract with Bank of America began in November 1998 and will expire Nov. 29, unless GSA exercises its option to extend the contract for another year. Asked if GSA officials were considering ending the contract with Bank of America because of the security breach, Mary Alice Johnson, a GSA spokeswoman, said, "not at this time."

Johnson said GSA officials have been meeting with federal agencies that use the SmartPay program to provide information and advise purchase card holders.

According to reports, bank officials noticed that the tapes were missing in December and notified the Secret Service. The tapes reportedly contained personal account information, including names, social security numbers and financial data.

Some industry officials said the incident highlights the need to encrypt backup tapes, a step that many organizations forgo because the encryption process severely slows down backup procedures.

"With this publicity behind this and some other recent breaches, it just shows the exposure that companies do have that ship their tapes off site," said Dore Rosenblum, vice president of marketing at NeoScale, which makes storage encryption appliances. "Really you have no choice," he added. "If some tapes don't go off site, then you don't really have a back up."

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.