US GOVERNMENT REPORTS 788 CASES OF LOST DATA http://www.chron.com/disp/story.mpl/ap/politics/4258344.html

WASHINGTON — Federal workers at 19 agencies have lost personal information affecting thousands of employees and the public, raising fresh concerns about the government's ability to protect sensitive information.

Most of the data was lost or stolen. In a few cases, it was accessed by computer hackers, according a report released Friday by the House Government Reform Committee. Government contractors were responsible for many of the security breaches.

In all, the committee reported 788 incidents involving the loss or compromise of sensitive personal information since Jan. 1, 2003. That was in addition to the "hundreds of security and privacy incidents" at the Department of Veterans Affairs, the report said.

"Data loss is a government-wide occurrence," the report said. "The vast majority of data losses arose from physical thefts of portable computers, drives and disks or unauthorized use of data by employees."

The committee asked all Cabinet agencies, the Office of Personnel Management and the Social Security Administration to report all losses of sensitive personal information since January 2003. The request came after a laptop with information for more than 26.5 million military personnel wasstolen from a Veterans Affairs Department employee in May. Law enforcement officials recovered the laptop, and the FBI said Social Security numbers and other personal data had not been copied.

In many of the newly reported cases, the agencies still don't know the extent of the losses, the report said.

The Treasury Department reported the most incidents _ 340 _ including one in 2005 in which an IRS employee reported a missing computer drive nearly a month after he had last seen it.

The Commerce Department reported 297 incidents since January 2003. However, in a separate report released in September, the department acknowledged losing 1,137 laptops since 2001. Most of the lost computers had been used by the Census Bureau.

Among the other security breaches cited in the report:

_In August, a laptop containing personal information on 30,000 applicants, prospects and recruiters fell off a motorcycle driven by a Navy recruiter. Someone in a car apparently stopped and picked up the computer. A notification letter is being prepared for those affected.

_In 2004, a federal student aid contractor used a commercial shipping company to send personal information on 8,290 borrowers. The package was lost in transit, but the Education Department decided against notifying the affected people.

_A computer hacker used "malicious software" to access files containing personal information on 1,717 employees of the National Nuclear Security Administration in 2005. The Energy Department, which oversees the agency, said it has improved itscomputer defenses.

_ Two employees of a contractor for the Centers for Medicare and Medicaid Services stole records containing information on about 1,574 Medicare beneficiaries "for the purpose of identitytheft" in 2005. The affected people were notified.

_A company that issues charge cards for the Interior Department lost data tapes containing information on 61,000 cardholders in 2005. The cards were issued under the General Services Administration's SmartPay program. Affected cardholders were notified.

_In July, six Justice Department employees submitted computerized attendance reports containing Social Security numbers. Those reports were then downloaded 220 times and viewed 7,772 times. The incident is being investigated.