USDA exposes citizen data

The Agriculture Department today announced it has publicly exposed the personal information of up to 63,000 citizens.

A USDA loan recipient April 13 notified OMB Watch that her social security and tax identification numbers were intertwined with a longer data set in their fedspending.org database. OMB Watch notified the agency, which pulled down the data that day.

On Friday, USDA admitted in a statement that private information of 63,000 individual was accessible through agency Web sites. The people were awarded funds through the Farm Service Agency or USDA Rural Development program.


OMB Watch redacted the data field on the database immediately as well.

“The data in question appears in the Federal Assistance Award Data System (FAADS), which is a government database of all federally provided financial assistance” excluding procurement, OMB Watch said in a statement. “This gross negligence on the part of the federal government is unacceptable.”

This is Agriculture’s second potential data breach since June when it discovered someone attempted to hack into one of their systems and potentially exposed the personal data of 26,000 current and retired employees and contractors.

In response to this latest breach, Agriculture spokeswoman Terri Teuber said the data in the Farm Service Agency and Rural Development databases have been scrubbed, and the chief information officer’s team is doing the same thing for all agency databases.

“The database in question has been regenerated with a new identification number for all data that has been entered in the last 10 years,” Teuber said. “We are working very quickly.”

Teuber added that after the June breach USDA Secretary Mike Johanns directed all programs to ensure social security numbers were not being exposed.

“We didn’t catch this situation because the private data was embedded in other data,” she said. “Another factor that complicated it was not all the entries contained private data. It is a small percentage that was exposed.”

Teuber would not say exactly how many citizens had their data exposed, but the agency is narrowing down the entries.

USDA is offering free credit monitoring services to all citizens whose information may have been exposed through USA.gov Web site. It will cost the agency about $4 million, Teuber said.

Agriculture also will send out letters by registered mail by Monday to all those affected, she added.

“Part of the challenge is matching entries from the affected database to the agency database that contain the citizens’ addresses,” Teuber said.

She added no instances of identify fraud has been reported.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.