FEMA shares sensitive info of over 2 million
Wow, unbelievable, Harvey victims included.
WASHINGTON (Reuters) - The U.S. Federal Emergency Management Agency (FEMA) exposed 2.3 million disaster survivors to possible identity theft and fraud by improperly sharing sensitive personal information with an outside company, according to an internal government watchdog.
The U.S. Department of Homeland Security's Office of Inspector General (OIG) said FEMA had shared financial records and other sensitive information of people who had participated in an emergency shelter program after being displaced by hurricanes Harvey, Irma and Maria and the California wildfires in 2017.
The Inspector General's office said FEMA had shared participants' home addresses and bank account information with the contractor, along with necessary information like their names and birthdates.
That "has placed approximately 2.3 million disaster survivors at increased risk of identity theft and fraud," the Inspector General's office said in a report. The name of the contactor was redacted.
FEMA spokeswoman Lizzie Litzow said the agency had found no indication to suggest survivor data had been compromised.
"It's not identified as a data breach. It's oversharing of information," she said.
Litzow said the agency has removed unnecessary information from the contractor's computer systems.
But FEMA's review only found that the contractor's computer systems had not been breached within the past 30 days because it did not keep records beyond that point, OIG said. FEMA told the watchdog it will not be able to completely resolve the problem until June 30.