Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Probe Into Missing Secret Service Tapes Launched After Five Years

In February of 2008, two backup tapes containing data maintained by the U.S. Secret Service were left behind on a DC Metrorail. Now, nearly five years after the fact, the Department of Homeland Security’s Office of Inspector General (DHS-OIG) is launching an investigation into the incident.

In February of 2008, two backup tapes containing data maintained by the U.S. Secret Service were left behind on a DC Metrorail. Now, nearly five years after the fact, the Department of Homeland Security’s Office of Inspector General (DHS-OIG) is launching an investigation into the incident.

According to a statement from the US Secret Service (USSS), the tapes were not marked or otherwise identifiable in any way and are “…protected by multiple layers of security. They could not be accessed without the proper equipment, applications and encoding.”

That remains to be seen as the USSS isn’t really getting into details about the layered protections, but one has to hope they are strong, because the tapes are still missing. One has to ask though, is the encryption on the tapes strong enough to deal with decoding techniques used in 2012?

They’d better be, as according the sources cited by CNN, the tapes “…contained very sensitive Secret Service personnel and investigative information, and if accessed could be highly damaging…”

Further, Fox News reports that:

Sources said the “personally identifiable information” — or “PII,” in government-speak — on the tapes includes combinations of the following: Social Security Numbers; home addresses; information about family members; phone numbers; dates of birth; medical information; bank account numbers; employment information; driver’s license numbers; passport numbers; and any biometric information on file with the Secret Service.

Another source said the tapes also contained backup case file information from computers at Secret Service headquarters. The tapes contained a “mishmash of everything” from Secret Service computers because it was part of a now-outdated “disk shuffling” system used to transfer information between Secret Service computers and the off-site backup facility, according to two sources.

 

Advertisement. Scroll to continue reading.

The Secret Service however, maintains that no lives were placed at risk by the data loss, and that no fraud has been committed as a result. They also maintain that the DHS-OIG’s office was notified about the loss at the time of the incident, something that unnamed sources denied when speaking to FOX News.

“USSS reached out to Metro police and asked if they had found the [tapes], which they hadn’t. And then they didn’t even file a police report,” an unnamed source told Fox News.

“They didn’t report it to anyone, they didn’t inform the people whose information had been lost — they did nothing.”

The lost tapes inncident is just one of 13 separate investigations that the DHS-OIG has initiated against the USSS. The final report is due next year.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.