Back to Data breach

Data breach

FEMA data leak exposes data of 2.3 million disaster victims.

family-locator-app-user-data-breach

On March 22, 2019, the Department of Homeland Security revealed that the Federal Emergency Management Agency (FEMA) improperly released the personal information of 2.3 million survivors of hurricanes Harvey, Irma, and Maria, as well as survivors of the California wildfires in 2017, to an unidentified contractor.

The incident.

The Office of Inspector General (OIG) for the Department of Homeland Security released a report revealing that 20 data fields were unnecessarily shared with the contractor, including sensitive details such as the survivors’ home addresses, bank names, electronic funds transfer numbers, and bank transit numbers. The victims were enrolled in a program called Transitional Sheltering Assistance, which provides hotels to people displaced by disasters.

FEMA has violated federal privacy laws and Homeland Security policy by sharing unnecessary data to the contractor. The OIG report said that the agency had requested the contractor to remove the data from its system and has instructed its staff to undergo security awareness training.

Attackers are adept at finding weak spots that allow them to find their way to your network and databases. Auditing activities happening on the database can help ensure everything is running smoothly on servers and detect threats that could potentially lead to data loss. Download Log360, the tool that can help combat internal and external security attacks.

Here's how ManageEngine can help.

Log360, our comprehensive security information and event management (SIEM) solution, can help you:

  • Ensure integrity of critical data stored in SQL databases with column integrity monitoring . Track changes made to the data values, get the old value and changed value, and more.
  • Identify any unauthorized changes happening on confidential data stored in files and folders. Ensure its integrity with the file integrity monitoring module.
  • Detect data breaches instantly by monitoring potential risks, such as user activity during non-business hours or permission changes to business-critical files.
  • Identify privilege abuse with real-time alerts for permission changes, failed access attempts, and more to avoid unauthorized data exfiltrations.
  • Generate exhaustive reports with precise integrity details. Reports could be generated in multiple formats such as PDF, CSV, and much more. Flexible report scheduling allows you to get the reports at regular intervals automatically.

Download a free trial of Log360 to see the tool in action for yourself.

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.