People who were looking to save money via the U.S. Federal Retirement Thrift Investment Board’s Thrift Savings Plan may be in for a rude awakening soon. It was reported that there was unauthorized access to information of 123,301 TSP participants and payees, according to the Investment Board. Third-party service provider Serco was breached and funds may have been authorized illegally, showing the need for companies to have layered security to keep information like this away from prying eyes.
The Federal Bureau of Investigation was alerted by Serco and the FRTIB in April of the breach. Apparently, two computers were victims of unauthorized access, according to PC World. The computers were shut down and analysis was done to see who may have been affected by the breach.
“In the end, it showed that the names, addresses and Social Security numbers of about 43,000 people were accessed, something that obviously needs to be avoided again in the future,” PC World said. Another group of 80,000 people had Social Security numbers and TSP-related information accessed, but the Investment Board said there was no big problem that stemmed from this.
“There is no evidence of any funds being diverted or identity theft resulting from the incident,” Serco said of the breach, adding that there was no evidence that the TSP network itself was a victim of any kind of unauthorized access, according to the news source.
Kim Weaver, a spokesperson for the FRTIB, said the 4.5 million members of TSP were left unharmed, according to Army Times. Serco and the TSP have looked to increase cyber security to prevent things like this from happening in the future.
“It was a sophisticated attack that overcame the defenses [Serco] had in place,” Weaver said, according to the news source. “We have monitored our TSP accounts, [and] we have no reason to believe that the data was misused in any way.”
Greg Long, executive director of the FRTIB, said the organization deeply regrets the event occurred in a letter to members of the TSP. He said mthe FRTIB will look to provide help and support via credit monitoring and call centers for people who are affected by the breach and said he wants to move toward earning the trust of people who use this service.
Were you unexpectedly affected by this breach or a similar breach? Do you sympathize with organizations that are victimized, or expect more from government agencies? Let us know how you would like to be protected!