Congressional Report Blames TSA for Botched Website

Site lacked basic security features
By Sam Biddle,  Newser Staff
Posted Jan 11, 2008 10:40 PM CST
The TSA's site was supposed to let individuals dispute their place on the no-fly list.(AP Photo/Ric Feld, file)   (Associated Press)
camera-icon View 2 more images

(Newser) – The TSA awarded a website design and maintenance contract to a firm with whom an administration official had close personal and professional ties, ComputerWorld reports. The site, meant to handle individual requests to have names removed from the TSA’s no-fly list, lacked even rudimentary encryption mechanisms and was not hosted on government servers, making it a ID theft risk.

Launched in March of 2006, the faulty TSA site remained in operation until its security flaws were noticed by a university student in February of 2007. The Department of Homeland Security has established a new site, and the more than 230 people who used the original have been informed that their personal data could have been intercepted.