Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Senator questions delay in reporting TSP cyber breach
Thursday - 5/31/2012, 1:29pm EDT
In a letter dated May 29 to FBI Director Robert Mueller, Collins asked when the FBI first became aware of the attack and whether another federal agency or department had discovered the breach first.
Collins is the ranking member of the Senate Homeland Security and Governmental Affairs Committee.
The FBI reported the breach in April of this year to the Federal Retirement Thrift Investment Board, which oversees the TSP. But the attack had occurred in July 2011.
A computer owned by Serco, Inc. — a contractor in Reston, Va., that runs the TSP's data centers and maintains the TSP record-keeping system — had been hacked, revealing personal information of about 43,000 accounts and compromising another 80,000 accounts. The TSP overall has about 4.5 million accounts and total assets of about $313 billion.
Collins also wrote a letter to Greg Long, FRTIB executive director, asking for details of the steps the board took to inform TSP participants of the breach and how the board will improve how it notifies Congress in future cases.
As previously reported by Federal News Radio, Serco shut down the compromised computer once it was informed of the attack and, with FRTIB, launched a task force to review security procedures.
FRTIB has also established a call center to provide credit monitoring for TSP participants and will flag all affected TSP accounts for heightened security measures.