Showing once again that security systems face threats from unscrupulous insiders, the Washington Post reports:
The State Department has notified approximately 400 passport applicants in the D.C. area of a breach in its database security that allowed a ring of thieves to obtain confidential information so they could fraudulently use credit cards stolen from the mail, officials said. […]
In another statement, the department said that a single State employee was allegedly involved in the fraud and that so far 400 individuals had been identified “whose records may have been accessed by the suspect for illicit purposes.” But, the statement added, “to the best of our knowledge, most of these individuals have not experienced identify theft.”
Officials declined to say how much money was stolen or how many people were involved in the scheme.
The Post notes the State Department’s recent history of security problems:
The criminal investigation has not been completed, but the scam is one more black eye for State’s passport division. Last year, the department greatly underestimated the number of passport applications it would receive and fell behind in processing them, resulting in ruined vacation plans for many Americans. Then, this year, it was discovered that workers repeatedly snooped without authorization inside the electronic passport records of entertainers, athletes and other high-profile Americans — including Sens. Hillary Rodham Clinton (D-N.Y.), John McCain (R-Ariz.) and Barack Obama (D-Ill.).
I previously blogged about snooping into politicians’ files and a recent Inspector General audit (pdf) of the State Department. “OIG found many control weaknesses—including a general lack of policies, procedures, guidance, and training—relating to the prevention and detection of unauthorized access to passport and applicant information and the subsequent response and disciplinary processes when a potential unauthorized access is substantiated.”