Vulnerability in a vendor’s software may have exposed DHS employees’ names, Social Security numbers and birthdates.
The U.S. Department of Homeland Security (DHS) recently issued a statement acknowledging that a vulnerability in software used by a DHS vendor to process personnel security investigations may have exposed information including names, Social Security numbers and birthdates (h/t DataBreaches.net).
“DHS is evaluating all legal options and is engaged with the vendor to pursue all available remedies,” the department said in the statement.
According to DHS, the vulnerability has been present since July of 2009, and may have affected employees who submitted background investigation between July 2009 and May 2013 for positions at DHS headquarters, Customers and Border Protection, and Immigration and Customs Enforcement.
“While there is no evidence that any unauthorized user accessed any personally identifiable information, out of abundance of caution, DHS is alerting employees and individuals who received a DHS clearance, of the potential vulnerability and outlining ways that they can protect themselves, including requesting fraud alerts and a credit report,” the department noted.
Employees with questions are advised to call (855) 891-2739.