HomeBlogsMacRonin's blog

U.S. Database Exposes Social Security Numbers - New York Times

April 20, 2007 - 11:35pm — MacRonin

U.S. Database Exposes Social Security Numbers - New York Times: "The Social Security numbers of tens of thousands of people who received loans or other financial assistance from two Agriculture Department programs were disclosed for years in a publicly available database, raising concerns about identity theft and other privacy violations.

Officials at the Agriculture Department and the Census Bureau, which maintains the database, were evidently unaware that the Social Security numbers were accessible in the database until they were notified last week by a farmer from Illinois, who stumbled across the database on the Internet.

'I was bored, and typed the name of my farm into Google to see what was out there,' said Marsha Bergmeier, president of Mohr Family Farms in Fairmount, Ill.

The first link that appeared in the search results was for her farm's Web site. The second was for a site that she had never heard of, FedSpending.org, which provides a searchable database of federal government expenditures. The site uses information from the Census database.

Ms. Bergmeier said she was able to identify almost 30,000 records in the database that contained Social Security numbers.

'I was stunned,' she said. 'The numbers were right there in plain view in this database that anyone can access.'

While there was no evidence to indicate whether anyone had in fact used the information improperly, officials at the Agriculture Department and the Census Bureau removed the Social Security numbers from the Census Web site last week.

Officials at the Agriculture Department said Social Security numbers were included in the public database because doing so was the common practice years ago when the database was first created, before online identity theft was as well-known a threat as it is today.

Department officials said that more recently, when government agencies began to review public databases to remove sensitive personal information like Social Security numbers, they failed to notice that the numbers were being used in this database.

Terri Teuber, a department spokeswoman, said the agency was notifying people whose Social Security numbers were disclosed on the site. She said the agency was also planning to contract with a company to monitor the credit reports of all the affected individuals, at an estimated cost of about $4 million.

"

(Read Original Article - Via .)


Bookmark/Search this post with: