FAA Hack Prompts Search for Sensitive Data | eWeek

FAA Hack Prompts Search for Sensitive Data

Écrit par
Roy Mark
Roy Mark
Feb 26, 2009
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

In the aftermath of a Feb. 10 hack at the Federal Aviation Administration that exposed more than 45,000 current and former FAA employees to potential identity theft, the agency plans to use a crawler-type application to inventory the FAA’s sensitive data. Once the inventory is done, the FAA will determine what data contains sensitive information and take adequate steps to protect it.
Dave Bowen, the FAA’s CIO, said at a TechAmerica (the former ITAA) event Feb. 24 that the hack forced agency officials to recognize that the agency could not account for where all its sensitive employee data was in the vast FAA infrastructure. According to the FAA, the attacked server was not connected to the operation of the air traffic control system or any other FAA operational system.
“We recognize that this is a problem, and we’re taking steps to remediate it,” said Bowen. “We are going to be looking aggressively across our entire infrastructure. This file was just sitting out there; it didn’t really relate to a system.”
Bowen said the hacked server was probably used for testing purposes some time in the past and had never been cleaned of sensitive data.
According to the FAA, two of the 48 files on the breached computer server contained personal information about who was on the FAA’s rolls as of the first week of February 2006. All affected employees have received individual letters to notify them about the breach.
“The FAA is moving quickly to prevent any similar incidents and has identified immediate steps as well as longer-term measures to further protect personal information,” the FAA stated after the breach. “The agency is also providing a toll-free number and information on the employee Web site for those who believe they may be affected by the breach.”
Bowen said the hack remains under investigation.
The number of reported data breaches in the United States jumped nearly 50 percent in 2008, according to the ITRC (Identity Theft Resource Center). All totaled, there were 656 breaches reported in 2008, up from 446 in 2007. The breaches led to nearly 35.7 million records being exposed.
According to the ITRC, only 2.4 percent of all the data breaches had the information secured by encryption or other strong protection methods. Just 8.5 percent had the exposed data protected by passwords.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.