Language Selection

English French German Italian Portuguese Spanish

FDIC latest to fall victim to theft of employee data

Filed under
Security

In a letter to current and former FDIC workers obtained by GCN, Arleas Upton Kea, director of the agency's administration division, said that in early 2004 someone accessed current and former employee personal data without authorization. That data includes name, date of birth, salary, Social Security number and length of service.

Officials discovered the problem in March and sent letters to those affected. In the subsequent investigation, the FBI found that data of all FDIC employees and former employees has been stolen. The FBI, which would not comment on the investigation, alerted FDIC June 9, and Kea sent the letter June 10.

FDIC's inspector general also is investigating the crime. "The case still is under investigation," said a FDIC spokesperson. "There is not a lot we can say at this point."

The spokesperson confirmed that no one hacked into the agency's system but wouldn't say how the data was stolen except that it was not similar to the Bank of America situation in February. Bank of America lost back-up tapes containing data on 1.2 million federal employees.

FDIC is asking former and current employees to check their credit reports over the next 12 to 24 months for suspicious activity.

News of FDIC's security breach comes as Congress is considering a number of laws that would require immediate notification when personal data is lost. Sen. Dianne Feinstein (D-Calif.), a sponsor of one of those bills, testified yesterday before the Senate Commerce Committee.

Feinstein told the committee that "data breaches and identity theft [are] national problems that require a federal solution. One strong notification standard is what we need, not a patchwork of state laws like we are beginning to see in California, Arkansas, Georgia, Indiana, Montana, North Dakota and Washington state."

The senator's bill would require federal agencies and private-sector companies to notify individuals "without unreasonable delay" if their personal data is lost or stolen, unless law-enforcement officials say it would impede their investigation.

Along with Feinstein, Sen. Charles Schumer (D-N.Y.) and Rep. Ed Markey (D-Mass.) are among those who have introduced identity theft bills over the past few months.

Source.

More in Tux Machines

today's howtos

KDE: Qt, Plasma, QML, Usability & Productivity

  • Qt 5.11.1 and Plasma 5.13.1 in ktown ‘testing’ repository
    A couple of days ago I recompiled ‘poppler’ and the packages in ‘ktown’ that depend on it, and uploaded them into the repository as promised in my previous post. I did that because Slackware-current updated its own poppler package and mine needs to be kept in sync to prevent breakage in other parts of your Slackware computer. I hear you wonder, what is the difference between the Slackware poppler package and this ‘ktown’ package? Simple: my ‘poppler’ package contains support for Qt5 (in addition to the QT4 support in the original package) and that is required by other packages in the ‘ktown’ repository.
  • Sixth week of coding phase, GSoC'18
    The Menus API enables the QML Plugin to add an action, separator or menu to the WebView context menu. This API is not similar to the WebExtensions Menus API but is rather Falkonish!
  • This week in Usability & Productivity, part 24
    See all the names of people who worked hard to make the computing world a better place? That could be you next week! Getting involved isn’t all that tough, and there’s lots of support available.

Programming: Python Maths Tools and Java SE

  • Essential Free Python Maths Tools
    Python is a very popular general purpose programming language — with good reason. It’s object oriented, semantically structured, extremely versatile, and well supported. Scientists favour Python because it’s easy to use and learn, offers a good set of built-in features, and is highly extensible. Python’s readability makes it an excellent first programming language. The Python Standard Library (PSL) is the the standard library that’s distributed with Python. The library comes with, among other things, modules that carry out many mathematical operations. The math module is one of the core modules in PSL which performs mathematical operations. The module gives access to the underlying C library functions for floating point math.
  • Oracle's new Java SE subs: Code and support for $25/processor/month
    Oracle’s put a price on Java SE and support: $25 per processor per month, and $2.50 per user per month on the desktop, or less if you buy lots for a long time. Big Red’s called this a Java SE Subscription and pitched it as “a commonly used model, popular with Linux distributions”. The company also reckons the new deal is better than a perpetual licence, because they involve “an up-front cost plus additional annual support and maintenance fees.”

Linux 4.18 RC2 Released From China

  • Linux 4.18-rc2
    Another week, another -rc. I'm still traveling - now in China - but at least I'm doing this rc Sunday _evening_ local time rather than _morning_. And next rc I'll be back home and over rmy jetlag (knock wood) so everything should be back to the traditional schedule. Anyway, it's early in the rc series yet, but things look fairly normal. About a third of the patch is drivers (drm and s390 stand out, but here's networking and block updates too, and misc noise all over). We also had some of the core dma files move from drivers/base/dma-* (and lib/dma-*) to kernel/dma/*. We sometimes do code movement (and other "renaming" things) after the merge window simply because it tends to be less disruptive that way. Another 20% is under "tools" - mainly due to some selftest updates for rseq, but there's some turbostat and perf tooling work too. We also had some noticeable filesystem updates, particularly to cifs. I'm going to point those out, because some of them probably shouldn't have been in rc2. They were "fixes" not in the "regressions" sense, but in the "missing features" sense. So please, people, the "fixes" during the rc series really should be things that are _regressions_. If it used to work, and it no longer does, then fixing that is a good and proper fix. Or if something oopses or has a security implication, then the fix for that is a real fix. But if it's something that has never worked, even if it "fixes" some behavior, then it's new development, and that should come in during the merge window. Just because you think it's a "fix" doesn't mean that it really is one, at least in the "during the rc series" sense. Anyway, with that small rant out of the way, the rest is mostly arch updates (x86, powerpc, arm64, mips), and core networking. Go forth and test. Things look fairly sane, it's not really all that scary. Shortlog appended for people who want to scan through what changed. Linus
  • Linux 4.18-rc2 Released With A Normal Week's Worth Of Changes
    Due to traveling in China, Linus Torvalds has released the Linux 4.18-rc2 kernel a half-day ahead of schedule, but overall things are looking good for Linux 4.18.