Social Security kept silent about private data breach

October 13, 2011
FedCyber Wire, Incidents
No Comment

The Social Security Administration has failed to inform tens of thousands of Americans that it accidentally released their names, dates of birth and Social Security numbers in an electronic database widely used by U.S. business groups.

The federal agency has kept silent about a potentially harmful security breach of the personal data of about 14,000 people each year, ignoring recommended reporting guidelines for such confidentiality breaches and violating the intent, at least, of the U.S. Privacy Act which protects personal information of private citizens.

The mistakes Social Security has made — and continues to make — with a database called the “Death Master File” underscore how federal consumer protection laws lag far behind most of the nation. Legislation in 46 states makes disclosure of such breaches mandatory, although federal agencies generally are exempt from state and local laws.

via The Republic, continued here.