0
Congressional Report Blames TSA for Botched Website
Site lacked basic security features
By Sam Biddle
|
Posted Jan 11, 08 10:40 PM CST
|
Share
(Newser)
–
The TSA awarded a website design and maintenance contract to a firm with whom an administration official had close personal and professional ties, ComputerWorld reports. The site, meant to handle individual requests to have names removed from the TSA’s no-fly list, lacked even rudimentary encryption mechanisms and was not hosted on government servers, making it a ID theft risk.
Launched in March of 2006, the faulty TSA site remained in operation until its security flaws were noticed by a university student in February of 2007. The Department of Homeland Security has established a new site, and the more than 230 people who used the original have been informed that their personal data could have been intercepted.