Join the Meeting Place for Moms!
Talk to other moms, share advice, and have fun!

(minimum 6 characters)

ATTENTION TRICARE MEMBERS:

Posted by on Jul. 31, 2007 at 4:32 PM
  • 0 Replies
  • 771 Total Views
TRICARE Beneficiary Personal Information at Risk: Late last week, Science Applications International Corporation, SAIC, announced that personal data including names, addresses, Social Security numbers, birth dates, and/or limited health information in the form of codes for as many as 867,000 TRICARE beneficiaries may be at risk for compromise. The personal information was being processed by SAIC under several health care contracts for the Department of Defense (DoD). The information was held on a single, SAIC-owned File Transfer Protocol (FTP) server at a small SAIC location in Shalimar, Florida.  The server was not behind a firewall and did not contain adequate password protections, which is in violation of SAIC policy. SAIC stopped using this server when security concerns were raised. Forensic analysis has yielded no evidence that personal information maintained on the server was removed or compromised; however, SAIC cannot rule out that possibility.

All affected beneficiaries will be notified. SAIC is sending one notification letter per identifiable adult (e.g., service member, spouse, dependent parent) or one per family when there is an affected minor dependant in a service member sponsor’s household. The letter will be sent from ID TheftSmart™ and delivered by the U.S. Postal Service. This package will include a letter from SAIC, a letter from the government, and information from Kroll Inc. on their IDTheftSmart™ identity restoration service. In addition, all affected beneficiaries will be provided with a free one-year membership in Kroll’s ID TheftSmart identity restoration service.

After receiving notification, impacted individuals with questions may call the Incident Response Center Monday Friday from 8 a.m. to midnight (Eastern Time) at:           

  • United States: 1-888-862-2680
  • International, call collect: 1-515-365-3550

These dedicated telephone lines are reserved for use by those individuals identified and notified in writing by SAIC, in coordination with the government, about this incident.

In response to the incident SAIC has launched an internal investigation into the situation and several employees have been placed on administrative leave pending the conclusion of the investigation. In addition, SAIC has:

  • Established a company-wide task force to ensure that the company responsibly addresses any adverse impact on the company’s customers and any affected individuals.
  • Conducted a detailed forensic analysis of the server and data, which included assistance from some of the company’s and the government’s top experts in computer security.
  • Initiated a systematic, company-wide assessment to assure that such lapses do not exist elsewhere in the company and determine whether any changes in policy, methods, tools and monitoring are needed to make sure that such a lapse does not recur.
  • Launched an internal investigation using outside counsel to determine exactly how this security failure occurred and placed a number of employees on administrative leave pending the outcome of the investigation.

In a letter to NMFA, a senior SAIC official pledged the company would “do everything we can to support military members and their families.” He also stated the company would “ensure it does not happen again.”

For more information on the security breach and what you can do to protect your personal information and recover from a theft of that information, go to: http://www.tricare.mil/pressroom/news.aspx?fid=299.

by on Jul. 31, 2007 at 4:32 PM
Add your quick reply below:
You must be a member to reply to this post.
Replies:
There are no replies to this post.
Join the Meeting Place for Moms!
Talk to other moms, share advice, and have fun!

(minimum 6 characters)