SAIC Issues Alert on Potential Data Compromise
Science Applications International Corp. or SAIC, the military support contractor, said on 19th July 2007 that a potential compromise of the personal information of over half a million people may have occurred because the company had not encrypted the data prior to releasing it on the Internet.
Although SAIC said that there was no evidence of unauthorized access to the information, yet it warned its members about the existence of a possible breach. The data comprised of names, birth dates, addresses, Social Security numbers and information on health.
The contracting company said that the U.S. Air Forces in Europe notified it on May 29, 2007 after it spotted the information transmission in an unsecured form. The Air Forces spotted it when its military task force was scanning network traffic, said an Air Force spokeswoman, Jean Schaefer. The special task force routinely directs the computer network operation for the military. Washington Post published Schaefer's statement on July 21, 2007.
SAIC described the problem as a result of its online transmission of unencrypted information of nearly 580,000 military households that an unprotected server maintains at Shalimar, Fla. A household represents a family of individuals.
Investigation is ongoing on how the event took place. For this, the company has taken the help from an external source, which it declined to name. The company has placed several employees on administrative leave till the announcement of final results of the probe, said Melissa Koskovich, an SAIC spokeswoman. Forbes.com published Koskovich's statement on July 20, 2007.
Such an online security problem is not the first of its kind for SAIC. The company suffered theft of a number of desktop PCs at its San Diego offices in January 2005. The PCs stored employee stockholders' details consisting of names, phone numbers, Social Security numbers and stock operations. The firm alerted 45,000 existing and ex-employees about a potential compromise of their private information.
But after the current hacking incident, the company has resolved its security problems. It has also appropriately advised people at risk. SAIC has also engaged Kroll Inc. to guide military families in dealing with issues of identity theft, Koskovich said.
Related article: SEC Imposes Trading Ban on 35 Companies
» SPAMfighter News - 06-08-2007