The biggest hack on the federal government would pale against a breach of one department that houses tens of millions of Social Security numbers and other sensitive information but lacks even the most basic cyber defenses, according to a lawmaker.
Speaking at the American Enterprise Institute this morning, Rep. Jason Chaffetz, R-Utah, sounded the alarm about security weaknesses at the Education Department, which manages over $1 trillion in loans.
“The biggest vulnerability that I see out there right now: the Department of Education,” Chaffetz said. “If they don’t get their act together and their act together soon…”
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
The Education Department came under scrutiny by the House Oversight and Government Reform Committee in February, when House Republicans questioned Education officials’ inability to protect a database with over 130 million Social Security numbers from cyberattacks. The actions of the department’s then-chief information officer, Danny Harris, were also examined closely. Weeks after that hearing, Harris stepped down.
“I think [Harris] understood he wasn’t doing his job and should never been in that position in the first place,” Chaffetz said.
“But there’s more information at the Department of Education than there is at the Office of Personnel Management,” he continued. “And that is my biggest fear. I still sweat about what’s happened at the Department of Education.”
Despite housing tens of millions of people’s sensitive information and 180-plus databases, the agency doesn’t “even have the most basic of tools” to protect them against breaches, Chaffetz said.
“If junior decides he wants to go to college … and he wants to get that Pell grant, he wants to get these other loans, guess what?” Chaffetz said. “He’s putting mom’s information in there, he’s putting dad’s information, he’s putting his brother’s information, he’s putting dad’s uncle’s information—credit …