Data breach du jour

Personal information about 28,000 sailors and their family members was posted to a public website last week, Navy officials disclosed.

Five spreadsheet files of data -- including names, birth dates and Social Security numbers of sailors and their relatives -- were found exposed on a Web site Thursday night during routine internal sweeps of the Internet for sensitive material, the Washington Post reported. A spokesman said the material was removed from the Web site within two hours.

"It was information you don't want on a public Web site," Cole said. "But there was no indication it was being used for illegal purposes."

It's just the latest in what seems like a daily occurence in Washington - the admission by officials that personal information of employees or taxpayers has been stolen, compromised or hacked. To wit:

• Obviously, the VA's loss of 26.5 million records of veterans' personal data.
• The Government Accountability Office's posting of 1000 names and Social Security numbers on its website archive.
• The hacking of an Agriculture Department computer with 26,000 employee records.
• The loss of a DC government laptop containing 13,000 city government employee records.
• The hacking of data on 1,500 Energy Department employees.
• The loss of an IRS laptop containing names, Social Security numbers and fingerprints of 291 employees and applications.

Navy officials don't know how the information got posted; the Naval Criminal Investigative Service is looking into whether the person who posted it was supposed to have access to the data. Cole said it is possible the information was posted inadvertently. Rep. Edward J. Markey (D-Mass.) called yesterday for the Defense Department to provide immediate free credit monitoring for sailors who may have been affected by the Internet posting. Markey wrote the incident "raises serious questions about the nature and adequacy of privacy protections afforded to active duty military personnel, their families, and military veterans."