The Federal Emergency Management Agency (FEMA) exposed the personal identifiable information of 2.3 million individuals by oversharing data with a contractor.
The individuals who were affected by hurricanes Harvey, Irma, and Maria, as well as the 2017 wildfires in California , had provided their information to the Federal Emergency Management Agency (Fema) while applying for transitional sheltering in hotels.
“Since discovery of this issue, Fema has taken aggressive measures to correct this error,” Fema press secretary Lizzie Litzow said in a statement. “Fema is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system,”
According to FEMA a network assessment found that the contractors network contain 11 vulnerabilities and so far only a few have been resolved. Since there has not been no indication of intrusion within the last 30 days which is how far back the logs go back, there still could of been a breach previously from those 30days. Since there was not indication of the data had being compromised FEMA did not reach out to the disaster survivors to let them know that their information had not been released unnecessarily.