ALL >> General >> View Article
Email Exposed 4.000 Securities And Exchange Commission Employees

An Interior Department payroll processing center that provides services to several agencies unintentionally exposed the full names and Social Security numbers of nearly 4,000 Securities and Exchange Commission employees earlier this month, according to Interior officials.
On May 4, a customer support contractor inadvertently replied to a routine question from an SEC employee in an unprotected email format, and a device that was supposed to block outbound emails containing personal information failed to catch the error. A second detection system immediately notified the center’s staff about the problem, Interior spokesman, Drew Malcomb said.
Officials have no indication any information was intercepted by intruders during the approximately 60 seconds the data was in transit. Nor was sensitive information from other agencies or employees affected by the lapse at the Interior’s National Business Center, a shared services facility that handles administrative work for the Transportation and Defense departments, among others.
An investigation was launched into the incident at the service center after the ...
... data breach was discovered. An assessment of the software and security protocols at the National Business Center is ongoing. While they are not aware of any instances of identity theft, officials sent a letter to all affected employees offering 60 days of free credit-monitoring services.
The National Business Center has dealt with several incidents in the last year regarding lost or leaked employee information. In February 2010, a similar software malfunction almost exposed personnel data, but an employee caught the mistake and the software was later updated.
Then in May, a compact disc that contains personally identifiable information for about 7,500 federal employees had been reported lost by the Interior Department’s shared services centre and has still not been recovered. The incident occurred on or around May 26, 2010, when a procurement specialist at Interior’s National Business Center in Denver reported that the CD could not be located. The disc was sent to the business center by a third-party service provider. However, the files on the CD were encrypted and password-protected, so the chances of the information falling into the wrong hands were low, officials said at the time.
Such exposures of unencrypted personal information go unnoticed almost daily because they are not reported, according to John Gilligan, a member of the Obama-Biden transition team who helped formulate the administration’s information technology policies in defense and intelligence. Making matters worse, he says, is that many federal IT systems do not automatically protect with code, or encrypt, sensitive information.
“We put the burden of encryption on lots of individuals, many of whom are busy,” said Gilligan, previously a chief information officer at the Air Force and Energy departments. “It’s not that it’s not possible to do. Computers are very powerful. The developers have not yet really said, ‘Ah, this is a design problem, not a human problem.’ The government should start requiring vendors to configure their software in a secure manner before deploying it,” he added.
The frequency of data breaches of information details is only going to increase if government departments and organizations fail to pay attention on the vulnerabilities of their information and network security. Government departments and organizations need to enforce robust information security initiatives, including having a proficiently skilled IT security workforce, in order to prevent cyber attacks and minimize security breaches.
Information security professionals can increase their IT security knowledge and skills by embarking on advanced and highly technical training programs. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency of technically proficient information security professionals.
Additionally, the all-new EC-Council CAST Summit series is also created to make advanced information security training opportunities available for information security professionals across the globe. It will be the excellent platform for any IT security professionals to acquire cutting edge skills by embarking on the CAST workshops, or further enhance their IT security knowledge by attending the one-day seminar.
The 3 days CAST Summit workshop covering current and important security topics such as penetration testing, application security, cryptography, network defense and mobile forensics training, and allows for participants to actually learn, and not just listen or be rushed through a short presentation like how it’s like in many other events or conference. All of these IT security trainings will only conducted by appointed EC-Council Master Trainers, some of whom are authors of the respective trainings.
About EC-Council
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT).
EC-Council’s Center for Advanced Security Training (CAST) was created to address the need for highly technical and advanced IT security trainings for information security professionals. CAST programs stand out from others thorough their extreme hands-on approach. CAST offer programs that cover important domains such as advanced penetration testing, malware analysis, advanced social engineering, cryptography, digital mobile forensics training, and web application security, among others information security training.
EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. Its certification programs are offered by over 450 training centers across 84 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS).
Add Comment
General Articles
1. Prognathism – Types, Causes And DiagnosisAuthor: James Bolte
2. Direct Release Systems: A Game Changer In Fire Protection Technology
Author: oliver
3. How To Buy A Car Online ?
Author: Lavy Johnson
4. How Ai In Web Development Enhances User Experience For Saas Products
Author: david
5. Safety And Style Combined: Why Choosing The Right Capsule Lift Manufacturer In Delhi Is A Long-term Investment
Author: Hybon
6. Discover The Health And Wellness Benefits Of A West Kelowna Sauna
Author: Duke John
7. Did You Know Turnkey Laboratory Solutions Can Cut Your Project Time In Half?
Author: Naveen Sharma
8. Не просто коробки: почему упаковка стала вашим молчаливым менеджером по продажам
Author: Sanya Nekitich
9. Easy Pain Relief Treatment In Kattupakkam - Go Physio
Author: Go Physio
10. Powerful Remedies: Kaal Sarp Dosh Puja Dates, Pitra Dosh In Kundali
Author: Ajay Guruji
11. Key Features Of A Reliable Agentic Ai Development Service In 2025
Author: Albert
12. Hearing Loss: Types, Symptoms, Causes & Treatment
Author: Omkar
13. Todoo Fizo 30000 Disposable Vape Review: Long-lasting Puffs & Rich Flavor
Author: Todoovape
14. Amchur Powder: The Perfect Combination Of Taste And Health
Author: Nitin Bhandari
15. The Best Mens Rolex Watches For Everyday Wear
Author: The Diamond Box