http://washingtontimes.com/national/200 ... -3965r.htm

Security breach raises new doubt son CIS capability
By Charles Hurt
THE WASHINGTON TIMES
Published July 27, 2006

--------------------------------------------------------------------------------
An employee of U.S. Citizenship and Immigration Services distributed the personal and private employment information of thousands of her fellow workers last week, raising concerns that those responsible for granting visas and other immigration benefits could be exposed to outside influence.

Top officials at CIS and the Department of Homeland Security, of which CIS is a part, spent last weekend and this week evaluating the extent of the security breach for the 8,700 employees of CIS.

"The posting of this information was inadvertent, but was nonetheless a violation of DHS policy," CIS Director Emilio T. Gonzalez wrote yesterday in an internal agency memo obtained by The Washington Times.

An investigation continues, and officials are not certain how long the information was posted or whether it had been downloaded. However, Mr. Gonzalez said there is no evidence that the information was compromised.

The incident is the latest in a string of embarrassments for the agency. A House Judiciary subcommittee will hold a hearing today to investigate whether "the already overburdened" CIS is capable of implementing the "guest-worker" program that many lawmakers and President Bush want.

Homeland Security officials, union officers and others familiar with the situation said an employee in the CIS budget office accidentally posted the information of all agency employees -- including Social Security numbers and compensation levels -- on the Intranet that is accessible to anyone in the 184,000-employee Homeland Security Department.

When officials learned late Friday that the information had been posted, they had the link removed from the site. By then, the information had been accessed more than a dozen times. In addition, a spreadsheet containing the private information of employees was sent in an e-mail to 135 persons in CIS.

"Clearly the agency is not in compliance with federal information laws," said Numbers USA's Rosemary Jenks, whose organization supports stricter immigration laws and is critical of the government's handling of immigration. "For a component agency of the Department of Homeland Security, that's pretty scary."

Last year, Homeland Security's inspector general criticized CIS in numerous reports for weaknesses in data security.

Earlier this year, union representatives from CIS filed a complaint that a manager at the agency's Nebraska service center had distributed via e-mail a listing of about 170 adjudications, which included personal information such as Social Security numbers. CIS officials acknowledged the error in a letter last month.

Homeland Security Department spokesman Russ Knocke yesterday defended CIS.

"This is an agency with extremely dedicated employees who adjudicate millions of immigration benefits each year with true efficiency," Mr. Knocke said. "We have every confidence in the agency and its ability to manage a temporary worker program."