Justice Dept. Not Protecting SSNs

Social Security numbers (SSN) are generally used for one thing: Social Security. That's all they're supposed to be used for. They are supposed to be a fairly private number because possession of it could allow certain records to be manipulated. How is it then, that the Department of Justice (DOJ) published SSNs on its website.

InformationWeek put together a great story on the Justice Department's apparent issues involving the social security numbers of past cases from the DOJ. Based on a tip they received, InformationWeek accessed multiple names and the accompanying SSNs. A particular instance involved a woman from a 2003 case involving immigration review. But there were others.

While the DOJ said the problem would be corrected and that they follow privacy rules, the Privacy Act and the Freedom of Information Act, the problem still exists and it's likely to get worse. The DOJ suggests they are working hard to fight identity fraud yet they publish SSNs on their site.

The article pointed out some 51 million people had their identity compromised in 2005 and Congress is set to relax rules on reporting these security breaches. After a terrible year for identity fraud, one would think the rules would be improving.

This isn't the only case of problems with the federal government though. The FBI doesn't have up-to-date security certificates; the DOD and defense contractors get hacked by Chinese hackers and the list goes on.

The federal government talks a decent game when it comes to stopping cybercrime and having adequate protections. That doesn't seem to be the case. They need to get their own house in order, if not, it's not going to matter what they do with everyone else.