Military Task Force Uncovered SAIC Data Breach:

According to the Washington Post, a routine sweep for “questionable network traffic” led the Joint Task Force Global Network Operations Center to alert the Air Force Surgeon General’s office about medical data being sent through an unprotected network server. The breach, discovered in May, came from SAIC employees in Florida working under nine military health care data management contracts. As we reported July 20, when SAIC and DOD publicly revealed the breach, the company says it has eliminated the security breach and does not believe the event compromised personal data on some 860,000 individuals. However, the Government Accountability Office in a June report said that “the extent to which data breaches result in identity theft is not well known” for two basic reasons: 1) It’s difficult to determine the source of criminal activity; and 2) There usually is a time lag of up to a year or more before the data is used. A House Government Reform Committee survey found that 17 federal agencies had identified 788 data breaches from January 2003 through July 2006. GAO analysis of the committee survey found that 17 federal agencies reported 788 separate incidents. Since discovering the SAIC breach, the company has worked with the Tricare Management Activity to match data to individuals for letters being sent out this week to affected individuals. According to a Tricare release, the data compromise risk for this incident is “low.”