- The Washington Times - Friday, July 20, 2007

WASHINGTON Pentagon contractor SAIC Inc. may have compromised personal information about more than half a million military personnel and their relatives because it did not encrypt data transmitted online.

SAIC said Friday it has not found any evidence that the information names, addresses, birth dates, Social Security numbers and health information was accessed by unauthorized people.

“But we can’t rule that possibility out,” said Melissa Koskovich, a spokeswoman for SAIC.

SAIC provides technical services for a health benefits program used by active military personnel, retirees and their families.

This is not SAIC’s first cyber-security problem.

In January 2005, thieves broke into a facility and stole computers containing names, Social Security numbers and other information about past and current employees, according to nonprofit consumer organization Privacy Rights Clearinghouse.

SAIC is investigating how the latest incident occurred with help from a third party it did not name. An unspecified number of employees have been placed on administrative leave pending the outcome of the investigation, Koskovich said. She could not say how long the probe would take.

SAIC said the problem occurred when it transmitted online, without encryption, information about 580,000 military households that is maintained on an unsecured server in Shalimar, Fla. A household may represent more than one person, the company said.

Cyber-security analyst Bob Schmid of the New York-based New Media Institute said when data is compromised at large corporations it is usually the result of internal technology lapses, not outsiders trying to break in.

“Some institutions are so very, very large that they don’t know where all their pieces are,” said Schmid.

The company said it was notified on May 29 by the U.S. Air Forces in Europe that it had detected an unsecured transmission of the information.

SAIC said it has fixed the security problems and advised potentially affected people.

SAIC has hired Kroll Inc., a subsidiary of Marsh & McLennan Companies Inc., to help military families deal with potential identify theft issues, Koskovich said.

Bank of America analyst Gregory Wowkun said in a research note Friday that SAIC told him that Kroll’s services would cost SAIC $7 million to $9 million in its fiscal second quarter. Wowkun reduced by a penny his estimate for SAIC’s second-quarter profit.

SAIC processes health information for military personnel under a contract with the Army, Navy, Air Force and Department of Homeland Security.

A spokesman for the Pentagon could not immediately comment on the security breach.

Shares of SAIC fell 6 cents to $18.29 in midday trading.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide