 |
« Crash test dummies | Main | The latest company perk: pet insurance »
In October 2006, the Transportation Security Administration set up a Web site so that travelers whose names were mistakenly on "no fly" lists had a way to request that their names be removed. Thousands of people went onto the site and entered personal data (via Consumerist).
Turns out, the site wasn't very secure, exposing citizens to potential identity theft, accordingto a report released last week by the House Oversight and Government Reform Committee.
The site wasn't hosted by a government domain. The home page where people logged on wasn't encrypted. One of the data submission pages wasn't encrypted and the ones that were weren't properly certified. All of this went unnoticed for four months, even as TSA Administrator Kip Hawley testified before Congress that the agency had assured "the privacy of users and the security of the system" before its launch, the report said.
Thousands of people used the site, including at least 247 travelers who entered large amounts of personal data including their names, addresses, Social Security numbers and places of birth, according to the report.
How did a small, Virginia-based contractor called Desyne Web Services get the no-bid contract in the first place? The TSA "technical lead" used to work at Desyne, went to high school with the company's owner and regularly socialized with him, the report said.
Here's the new TSA site for travelers seeking redress from security delays.
To read the full report, click here [PDF].
Here's TSA's response.
! Login below to post a comment.
Unregistered users, sign up now
Or post anonymously (About this feature)
RSS
Headline widget
Recent entries
· Court says AT&T can't force arbitration
· To reach a live person, press ...
· Homeowners sue Countrywide
· No more unwanted "robo calls"
· Refinancing not always an easy ride
RSS/Web feeds (help)
Consumer blogs / sites
· Blawg of the Attorney General's Office
· Consumer Reports Shopping Blog
· Consumer Reports WebWatch
· Consumerist
· KOMO TV consumer page
· National Consumer Law Center
Where to complain
· WA Attorney General's Office
· Better Business Bureau
· Federal Trade Commission
Recalls
· FDA recalls
· Consumer Product Safety Commission
· Recalls of cars, tires, child car seats
· USDA recalls (meat, poultry, eggs)
Government sources
· Attorney General's Office
· WA Dept of Financial Institutions
· Politicians, lobbyists shielded financiers
· New customers flocking to thrift stores
· Suit accuses Applebee's of understating calorie counts
· Internet scammers hitting hard
· On Food: 'The Flavor Bible' looks at what foods go best together
All Consuming
From the Washington State Office of the Attorney General
· Technical difficulties
· Coffee break: Outsmart a cybercrook
Consumer Reports Shopping Blog
· Please visit the Consumer Reports Money & Shopping Blog!
· Drink a toast to good value
The Consumerist
Shoppers bite back
· How Can We Save Our Debt-Swamped Government? [Your Government]
· Melissa & Doug's Sky High Customer Service [Above And Beyond]
KOMO consumer news
· Most reliable fingerprint-scan locks
· Gasoline not the only rising cost for drivers
FDA
Recalls, market withdrawals and safety alerts
· Russell Stover Candies, Inc. Issues Hazelnut Allergy Alert for the 2 7/8 Oz Size Of Private Reserve Assorted Chocolates (October 9)
· Consumer Alert: Undeclared Sulfites in Shad Raisins (October 6)
Product recalls
From the U.S. Consumer Product Safety Commission
· Gas Vent Dampers Recalled by Effikal Due to Carbon Monoxide Hazard
· Hasbro Inc. Recalls to Repair Nerf Blasters; Child's Skin Can Get Caught in Plunger of the Toy
101 Elliott Ave. W.
Seattle, WA 98119
(206) 448-8000
Home Delivery: (206) 464-2121 or (800) 542-0820
seattlepi.com serves about 1.7 million unique visitors
and 30 million page views each month.
Send comments to newmedia@seattlepi.com
Send investigative tips to iteam@seattlepi.com
©1996-2007 Seattle Post-Intelligencer
Terms of Use/Privacy Policy
