TSA Security Flaws Cause Identity Theft

The Chairman of the House Oversight and Government Reform Committee and a U.S. Rep., Henry Waxman, D-Calif., issued a report on January 11, 2008. The report stated that the website called tsa.gov which is commissioned by the US Transportation Security Administration (TSA) is facing multiple security threats, causing serious identity thefts. The website is specially designed to help those travelers whose names have been wrongfully included on the watch list of airlines.

The TSA, responsible for inspecting baggage and maintaining safety and security of the airport, is a part of the Department of Homeland Security (DHS). It has been four months since TSA.com got operational, and became vulnerable to spam attacks. tsa.gov functions by processing removal process for those passengers who are not traveling but their names have been included in the airline's watch lists.

The report issued by the House Oversight and Government Reform Committee said that the website has numerous security flaws; it has not been hosted on a government domain, the homepage of the website has not been encrypted, one of the data submission pages of the website has not been encrypted, and all those pages that are encrypted has not been certified properly. All these flaws in the website have exposed all the American travelers to probable identity theft.

The revamped website of tsa.gov was launched in the month of October 2006 and it was in the month of February 2007 when a graduate student of the Indiana University lodged a complaint on his blog about the website facing security problems.

The summary of the report revealed that the staff committee has started investigating about the TSA launching a website that has violated the basic web security standards of operating on the request of Chairman Henry Waxman. The website fails to protect the personal and confidential information of the airline travelers.

The report said that the TSA was not at all aware of the security issues linked with the operational website. During its initial operational phase, the website subscribed thousands of travelers with their personal information onto its website, ensuring them about the privacy of the travelers and the security offered by the system.

Related article: TCU Graduate Seeks Professional Help to Invade University Network

» SPAMfighter News - 1/22/2008