FBI Audit Reveals Major Data Handling Flaws

What Happened:

The FBI’s data handling practices were sharply criticized in a recent Justice Department (DOJ) audit.

The Office of the Inspector General (OIG) found that the agency is not properly managing its storage media, including removable drives, and that disposal methods could expose sensitive and classified information.

The report highlighted that some storage media, such as internal hard drives from “Top Secret” computers, were not properly tracked or secured. In some cases, these drives were left on pallets for up to two years without adequate protection, creating a significant security risk.

The audit also found that 395 people, including contractors from 17 different companies, had access to the FBI facility where the media awaited destruction. Some contractors were involved in the data handling process, raising concerns about who could access sensitive information.

Why It Matters:

These gaps in security not only pose national security risks but also highlight the need for stronger data protection protocols. The FBI has promised to implement new policies to address these concerns, but it still raises questions about how data handling is managed across government agencies.

Source

Related Resources:

The Employment Practices Code | UK ICO

Data Subjects Rights, Employment

Building a Cybersecurity and Privacy Learning Program | NIST | Initial Public Draft

Data Breaches, Employment, Risk Management, Technical and Organisational Measures (TOMs)

[Draft] Guidelines on the processing of personal data in regard to recruitment by the UK ICO

Automated Decision-making, Controllers and Processors, Data Protection Impact Assessment (DPIA), Employment, Specific processing situations