Government Technology

Federal Office Offers $50,000 Reward for Missing External Drive


February 5, 2010 By

The National Archives and Records Administration (NARA) is still on the lookout for a missing external drive containing copies of personal data -- including Social Security numbers -- of former Bill Clinton administration staffers and people who contacted or visited the White House during the Clinton era. One of former Vice President Al Gore's three daughters is among those affected.

"To date, we've been unable to identify and recover the hard drive. It's still outside of our control and custody as an agency," said Paul Brachfeld, the NARA's inspector general.

Brachfeld began an investigation into the drive in March 2009, right after the data was discovered missing on March 24. He expects to have a report ready to go a few weeks from now.

The data was stored on a 2 terabyte Western Digital MY BOOK external hard drive that went missing from an NARA processing room in Maryland. It was last seen somewhere between October 2008 and early February 2009. The drive was being used as a copy of originals that are still safe and sound.

"It wasn't original material. We're not missing the material itself -- that's at the archives, so we know exactly what was missing," said Susan Cooper, a spokeswoman for the NARA.

The office is willing to pay up to $50,000 for information leading to the copies' recovery. The NARA issued a Jan. 4, 2010 press release disclosing that 150,000 letters had been sent notifying affected individuals that their personal information is missing. But other letters have gone out before.

"We sent out recently [approximately] 150,000 letters, and initially we sent out 26,000 letters. So far, we're up to about 176,000," she said.

No evidence exists so far that any of the missing information has been used for nefarious purposes. The NARA is offering free credit monitoring assistance to affected parties.

So far, the office's handling of the situation seems to be a good example of how to operate after a data breach has occurred, according to Michael Maloof, CTO at TriGeo Network Security.

"I think companies have come to realize both, obviously, within the government and commercial space, that silence is deadly," he said. "If the news breaks on the front page of the Wall Street Journal that it's far more damaging than for the news story to be, 'We're announcing this breach and proactively taking these steps.'"

The NARA is currently revising internal policies and procedures to enhance its protection of electronic and textual records with personal information.

"The archives takes this very seriously, and we've taken a number of steps to ensure that this never happens again," Cooper said.

Maloof thinks governments are held to a higher standard when it comes to safeguarding personal information than private companies.

"I think there's an expectation that you're our government, and we must give you our information. I can choose which bank I want to do business with. I can choose which retailer I do business with, but if I want a passport, the Department of State's got my information," he said.

 


| More

Comments

O M KAMALO, U S NAVY (RETIRED)    |    Commented February 7, 2010

WHO WAS RESPONSIBLE FOR THE SECURITY OF THIS TYPE OF EQUIPTMENT ?

A REMOTELY ACTIVATED DESTRUCTIVE DEVICE SHOULD BE INSTALLED ON THIS TYPE OF EQUIPTMENT. "IT GOES MISSING- POOM!!- IT NO LONGER EXISTS !

O M KAMALO, U S NAVY (RETIRED)    |    Commented February 7, 2010

WHO WAS RESPONSIBLE FOR THE SECURITY OF THIS TYPE OF EQUIPTMENT ?

A REMOTELY ACTIVATED DESTRUCTIVE DEVICE SHOULD BE INSTALLED ON THIS TYPE OF EQUIPTMENT. "IT GOES MISSING- POOM!!- IT NO LONGER EXISTS !

O M KAMALO, U S NAVY (RETIRED)    |    Commented February 7, 2010

WHO WAS RESPONSIBLE FOR THE SECURITY OF THIS TYPE OF EQUIPTMENT ?

A REMOTELY ACTIVATED DESTRUCTIVE DEVICE SHOULD BE INSTALLED ON THIS TYPE OF EQUIPTMENT. "IT GOES MISSING- POOM!!- IT NO LONGER EXISTS !

John    |    Commented March 1, 2010

Hi, my name is John Hicks and I help operate the Manifestation Master website found @ http://Manifestation-Master.com I may be of assistance. Whilst I cannot guarantee the hard drive will be found I can still give it a shot.

John    |    Commented March 1, 2010

Hi, my name is John Hicks and I help operate the Manifestation Master website found @ http://Manifestation-Master.com I may be of assistance. Whilst I cannot guarantee the hard drive will be found I can still give it a shot.

John    |    Commented March 1, 2010

Hi, my name is John Hicks and I help operate the Manifestation Master website found @ http://Manifestation-Master.com I may be of assistance. Whilst I cannot guarantee the hard drive will be found I can still give it a shot.


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
View All

Featured Papers