Federal data breaches jumped 19 percent last year, the Government Accountability Office said Tuesday.
There were roughly 13,000 incidents reported by agencies in 2010 involving unauthorized disclosures of personally identifiable information — last year, that figure shot up to 15,500, Greg Wilshusen, GAO’s director of information security issues, told the Senate subcommittee on government management oversight Tuesday at a hearing.
Subcommittee chairman Sen. Daniel Akaka, D-Hawaii, questioned the head of the Federal Retirement Thrift Investment Board, Greg Long, about a breach last year that involved personally identifiable information of about 123,000 Thrift Savings Plan participants. Participants were not notified of the July 2011 breach until the following May.
The thrift board followed federal guidance in responding to the attack, but it lacked a notification plan for lack of funding, Long said.
The agency will address data protection issues as part of its next recordkeeping contract, to be awarded in fiscal 2013, Long said. “That contract, I can assure you, will have very stringent IT security restrictions built into it,” he said.