Millions of child support records stolen, D.C. officials want answers

Two people have been arrested, but the stolen drives are still missing

In early February, a thief broke into several offices in Olympia, Washington to steal anything he could grab that was worth selling. In one locked drawer, the thief found a couple of external hard drives that he added to his haul of cash, cameras, electronics and laptops.

The hard drives belonged to the local office of the Administration for Children and Families, part of the Department of Health and Human Services, and contained between two and five million records related to child-support audits.

As of Thursday morning, the City of Olympia police department did not know what happened to the drives, even though two people have been arrested in connection with the theft.

"We did recover some of the stolen items, but have not yet been able to recover the hard drives," said Laura Wohl, public information officer for the department.

Now federal officials and elected representatives are looking into the case.

"Your staff acknowledged that the use of personal equipment is a clear violation of HHS privacy and security policy," wrote Utah Republican Jason Chaffetz and Maryland Democrat Elijah Cummings in a letter on Tuesday. Chaffetz is the chairman and Cummings the ranking member of the U.S. House of Representatives' Committee on Oversight and Government Reform.

"It demonstrates clear, overarching problems in handling of children's' sensitive information," said Andrew Komarov, Chief Intelligence Officer at Scottsdale, Arizona-based security firm InfoArmor, Inc.

The time it took to report a breach was also a concern for the elected officials.

"It is unclear why the department waited nearly two months to provide Congress with notification," the representatives added, since notification is required within seven days under the Federal Information Security Modernization Act.

The two representatives asked the department to brief the committee no later than Monday about the full extent of the data loss.

The previous day, Republican Senator Ron Johnson of Wisconsin, chair of the Committee on Homeland Security and Governmental Affairs, also sent a letter asking for this information, as well as whether information from other offices at HHS was compromised during the theft.

There was no information yet as to whether the drives were encrypted.

"Sensitive data should always be encrypted when stored on disks and elsewhere at rest," said Giovanni Vigna, co-founder and CTO at Redwood City, Calif.-based security firm Lastline, Inc.

"This is something that is easily achievable with encrypted file systems, which are now widely available in any and every operating system.”

Vigna added that government employees need to get training in protecting data, and copying data for personal convenience should be a career-limiting move.

Join the CSO newsletter!

Error: Please check your email address.

More about Department of HealthHouse of RepresentativesInc.Lastline

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Maria Korolov

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place