Congressional Report Blames TSA for Botched Website

The TSA awarded a website design and maintenance contract to a firm with whom an administration official had close personal and professional ties, ComputerWorld reports. The site, meant to handle individual requests to have names removed from the TSA’s no-fly list, lacked even rudimentary encryption mechanisms and was not hosted on government servers, making it a ID theft risk.

Launched in March of 2006, the faulty TSA site remained in operation until its security flaws were noticed by a university student in February of 2007. The Department of Homeland Security has established a new site, and the more than 230 people who used the original have been informed that their personal data could have been intercepted. (More TSA stories.)