cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

FEMA discloses personal info for millions of survivors

OK, it's bad enough that you've been through a hurricane, fire, flood, or other disaster, and you've lost everything.

 

Now you've lost personal data, too, courtesy of the agency that is supposed to help you.

 

FEMA disclosed private data of more than a couple of million survivors with a federal contractor, meant to help find housing.  But it's not just name a cell number--no, they got electronic funds transfer numbers and other banking numbers that may increase the survivors risk of identity theft and other forms of fraud.

 

FEMA still hasn't completely fixed the problem, and may not for more than a year ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
2 Replies
Caute_cautim
Community Champion

Once again, it has been identified, detected and the nation and authorities have responded - but the current processes are too slow, as it takes time to ascertain the damage, implications and assess the appropriation prosecution - by that time - it could be years, before it is resolved.   This is too slow.

 

Regards

 

Caute_cautim

denbesten
Community Champion

This is really no different than using the same password on many web sites.  EFT numbers really should be uniquely generated for each business relationship and there should be a way to invalidate just one relationship.  As it stands today, each of those millions of people are now facing a new bank account, ordering new checks and reworking all their auto-pays.

 

SSNs are no different either.   To the extent they they are used for authorization (as opposed to simply identification), they should either be unique per transaction or should periodically be changed.