DISCLAIMER: This post may contain affiliate links.
When a disaster strikes most feel hopeless and as they try to pick up the pieces of whats left of their lives, they turn to those that can help.
One of those agencies is FEMA (The Federal Emergency Management Agency) which is a government agency that helps citizens rebuild, sustain and recover from disasters.
In order to receive help from FEMA, citizens must apply for help giving sensitive and personal information to them.
And now, FEMA has been found to have exposed personal information of 2.3 million disaster survivors and people are outraged and they should be.
The exposure of this sensitive information puts these citizens at risk for identity theft, fraud, and all other sorts of legal issues.
All of which, should be the LAST thing people in these situations should have to worry about.
In a press release, FEMA said this:
“FEMA, in coordination with the Department of Homeland Security Office of the Inspector General (DHS OIG), identified an incident involving the sharing of sensitive, personally identifiable information of disaster survivors using the Transitional Sheltering Assistance program. In transferring disaster survivor information to a contractor, FEMA provided more information than was necessary. “FEMA Press Secretary Lizzie Litzow (Source)
So, what exactly does “more information than was necessary” mean?
According to reports, FEMA provided sensitive information to a third party agency to determine whether or not citizens qualified for assistance.
Federal law and Homeland Security policy requires federal agencies to release only personal information that is legally authorized and necessary.
But during an OIG audit, it found that FEMA unnecessarily shared TSA applicants’ financial information, including financial institution names and electronic bank account information, as well as street addresses, with the contractor.
All information that should NOT have been shared and was unnecessary to determine whether or not a citizen qualified for assistance.
So, what is being done about this incident?
Well, in the same press release FEMA said:
“Since discovery of this issue, FEMA has taken aggressive measures to correct this error. FEMA is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system. To date, FEMA has found no indicators to suggest survivor data has been compromised. FEMA has also worked with the contractor to remove the unnecessary data from the system and updated its contract to ensure compliance with Department of Homeland Security (DHS) cybersecurity and information-sharing standards. “FEMA Press Secretary Lizzie Litzow (Source)
And that’s it.
The problem is, that information has been out there for who knows how long and just like with any other major security breach, that information could be stored away for hackers and other illegal activities to happen.
So, if you were one of the 2.3 million people affected by this security breach, it might be worth putting a freeze on your credit reports, bank accounts and anything else you feel may vulnerable to attack.