U.S. agency error exposes 2.3 million disaster survivors to fraud: watchdog
By Andy Sullivan
WASHINGTON (Reuters) – The U.S. Federal Emergency Management Agency (FEMA) exposed 2.3 million disaster survivors to possible identity theft and fraud by improperly sharing sensitive personal information with an outside company, according to an internal government watchdog.
The U.S. Department of Homeland Security’s Office of Inspector General (OIG) said FEMA had shared financial records and other sensitive information of people who had participated in an emergency shelter program after being displaced by hurricanes Harvey, Irma and Maria and the California wildfires in 2017.
The Inspector General’s office said FEMA had shared participants’ home addresses and bank account information with the contractor, along with necessary information like their names and birthdates.
That “has placed approximately 2.3 million disaster survivors at increased risk of identity theft and fraud,” the Inspector General’s office said in a report. The name of the contactor was redacted.
FEMA spokeswoman Lizzie Litzow said the agency had found no indication to suggest survivor data had been compromised.
“It’s not identified as a data breach. It’s oversharing of information,” she said.
Litzow said the agency has removed unnecessary information from the contractor’s computer systems.
But FEMA’s review only found that the contractor’s computer systems had not been breached within the past 30 days because it did not keep records beyond that point, OIG said. FEMA told the watchdog it will not be able to completely resolve the problem until June 30.
It is not the first time OIG has found that FEMA has mishandled personal information. A 2015 review revealed that agency personnel at a disaster-response center in California stored disaster survivor records in open, unsecured cardboard boxes. Investigators also found the agency mishandled data in 2013.
FEMA awarded contracts to 1,660 different entities in the last fiscal year, according to federal contracting data, covering everything from food to construction equipment.
The privacy breach is likely to prompt further criticism of an agency that was stretched to its limit in the second half of 2017 as it responded to a string of record-breaking hurricanes, wildfires and other natural disasters.
In particular, FEMA struggled to deliver food and water in a timely fashion to Puerto Rico after Hurricane Maria killed nearly 3,000 people and left the island’s 3.7 million residents without electricity for several months.
FEMA director Brock Long faced criticism last fall when DHS determined that he had inappropriately used government vehicles to commute between Washington and North Carolina. He resigned in February, capping an 18-month tenure during which the agency responded to more than 220 declared disasters.
(Reporting by Andy Sullivan; Editing by Sandra Maler and Diane Craft)
More Top Stories
U.S. House Democrats said they plan on Tuesday to pass a $4.5 billion aid package aimed at addressing the migrant surge along the U.S.-Mexico border,read more
New U.S. sanctions against Iran’s supreme leader and foreign minister have closed off diplomacy, Iran said on Tuesday, blaming the United States for abandoning the …read more
Stephanie Grisham, the communications director for first lady Melania Trump and a longtime aide to President Donald Trump, will succeed Sarah Sanders as White House …read more
The goal of a meeting between U.S. President Donald Trump and Chinese President Xi Jinping at the June 28-29 G20 summit in Japan will be …read more
The acting commissioner of the U.S. Customs and Border Protection agency, John Sanders, is resigning and will leave his post on July 5, the agency …read more
Advocates of a compensation fund for emergency personnel and others who responded at the sites of the Sept. 11, 2001 attacks on the United States …read more