• Who We Are
• For Travelers
• What We Do
• Join Us
• Our Approach
• Media Room
• Research Center

Top 5 Questions

• What happened?
  TSA learned on Thursday, May 3 that an external hard drive containing personnel data (including name, Social Security number, date of birth, payroll information, financial allotments, and bank account and routing information) was discovered missing from a controlled area at the Headquarters Office of Human Capital. TSA immediately reported the incident to senior Department of Homeland Security (DHS) and law enforcement officials and launched an investigation. TSA notified all employees of the incident on Friday, May 4 after initial inquiries did not lead to the discovery of the hard drive.
  
  TSA has no evidence that an unauthorized individual is using your personal information, but we bring this incident to your attention so that you can be alert to signs of any possible misuse of your identity. TSA apologizes that your information may be subject to unauthorized access, and deeply regrets this incident.
• Who was affected?
  All TSA employees hired between January 2002 and August 2005 are affected, not just TSOs.
• What can an employee do to protect their identity?
  At this point TSA has no information that data were misused. However, because Social Security numbers and bank account information were included, we advise individuals to monitor financial accounts continuously for suspicious activity. Following are steps current and former employees hired between January 2002 and August 2005 can take to protect their identity.
  1. TSA will provide one year of free credit monitoring from Identity Force. Current and former employees hired between January 2002 and August 2005 can sign up for these services free of charge via Internet, fax or US Mail. The address is Identity Force, 861 Edgell Road, Suite 205, Framingham, MA 01701. You may also submit information via fax at 866-270-3067 and on the Internet at www.identityforce.com/tsa. Identity Force will assist you with setting up a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name. They will also be able to provide credit reports, identity theft insurance, and have specialists who will work with you to clear your name in the event you are a victim of identity theft. Current and former employees who were hired between January 2002 and August 2005 can sign up for these services.
  2. In addition to credit monitoring, the package includes identity theft insurance up to $25,000, and identity restoration specialists who will complete paperwork and assist employees in the event they are a victim of identity theft.
  3. When you receive your credit reports, review them carefully for accounts you did not open or for inquiries from creditors that you did not initiate. Also, review your personal information for accuracy. If you see anything you do not understand, call the credit agency at the telephone number on the report.
  4. If you find any suspicious activity on your credit reports, file a report with your local police.
• What is the easiest way I can protect my bank account, and avoid missing a direct deposit paycheck?
  Contact your bank and open a new account. Once a new account number is established, contact the Peopleline at (866) 274-6438 or TSAHRServices@accenture.com to have your direct deposit re-routed. Be aware that it may take a few weeks for that change to be processed. You should not completely close the old account as that will stop the direct deposit of salaries. It is important to keep the account that receives your direct deposit open until that deposit is rerouted. You may also log onto the Employee Personal Page (EPP) at www.nfc.usda.gov, to change your account information so that your pay check will go to that new account. Continue to monitor your bank statements regularly, and contact your bank should you identify any suspicious transaction activity.
• What is TSA doing to find the hard drive?
  TSA's investigative division is working very closely with our partners at the U.S. Secret Service to attempt to locate the hard drive. This includes interviewing key TSA employees, collecting forensic evidence and other activities.

Employee Concerns

• Should I cancel my bank account or credit cards?
  You do not have to close your bank account or cancel your credit card. You should however, take steps to protect yourself against identity theft. Monitor your financial accounts. One way to monitor your financial accounts is to review your credit report. By law you are entitled to one free credit report each year for each major credit bureau. Request a free credit report from one of the three major credit bureaus:
  
  Equifax - 1-800-525-6285
  Experian - 1-888-397-3742
  TransUnion - 1-800-680-7289
• How will a bank account be impacted if it is a joint account with another person?
  The actual identity theft protection is being provided to the TSA employee. However, that protection applies to all accounts of the TSA employee, whether accounts are joint or single.
• How will TSA pay me if I cancel my bank account?
  Cancelling your bank account will prevent you from receiving your paycheck on its originally scheduled date. If you wish to receive a physical check rather than direct deposit, contact Peopleline at (866) 274-6438 or TSAHRServices@accenture.com.
• Where should I report suspicious or unusual activity?
  The Office of Human Capital (OHC) recommends the following four steps for current and former employees hired between January 2002 and August 2005 if you detect suspicious activity:
  
  STEP 1: You should contact the financial institutions to which TSA or your current employer electronically transfers your salary and other financial allotments to alert them that your account and routing information may have been compromised. Do NOT close this account or else TSA will not be able to directly deposit your pay. You should create a new account and move your funds to that account. Ask to be notified of any unusual activity.
  
  STEP 2: Employees may use the free credit monitoring service from Identity Force and they will assist you with setting up a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name. They will also be able to provide credit reports, identity theft insurance, and have specialists who will work with you to clear your name in the event you are a victim of identity theft.
  
  STEP 3: When you receive your credit reports, review them carefully for accounts you did not open or for inquiries from creditors that you did not initiate. Also, review your personal information for accuracy. If you see anything you do not understand, call the credit agency at the phone number on the report.
  
  STEP 4: If you find any suspicious activity on your credit reports, file a report with your local police.
• How is the free credit monitoring service going to work? I called a credit services company and was told the enhanced monitoring would be $100 per year. Will I be reimbursed if I pay for this enhanced monitoring?
  TSA will provide free credit monitoring to employees affected by the security incident for one year if they sign up through the TSA Web site. If you sign up for coverage independently, that will not be covered. Incidentally, TSA has negotiated a much better group rate for the coverage.
• Has TSA alerted financial institutions regarding this security breach?
  No, employees should contact their financial institutions; given the large numbers of employees at TSA, they have accounts at too many financial institutions for the agency to contact them all.
• If I want to close my bank account what should I do?
  Employees affected by this breach who want to open a new bank account should use the following steps:
  1. Open a new account and get a new account number.
  2. Fill out direct deposit form at the bank.
  3. Log onto Employee Personal Page (EPP) at www.nfc.usda.gov, to change your account number so that your pay check will go to that new account.
  4. Do not close your old account until you confirm that your pay is being deposited into the new account.
• My bank has asked if my account number or just the routing number is on the missing hard drive?
  Both account and routing numbers are contained on the hard drive.
• Are TSA contractors from this period affected?
  No, contractor information is not contained on the hard drive.
• Is the bank account information updated or is it the bank of record as of August 2005?
  The information on the hard drive is bank information as of August 2005. If your bank information has changed since then it will not appear on the hard drive.
• Is the use of Social Security numbers by the Online Learning Center (OLC) secure?
  Those who use the OLC know that in order to access it you must enter both your Social Security number and a password so the information remains secured.
• Are our beneficiary forms part of the missing information?
  No, beneficiary information is not included on the missing hard drive.
• In some locations, TSA has credit card information on file for monthly parking charges. Is credit card information contained on the hard drive?
  No, that information is not on the hard drive.
• Will I still receive credit monitoring even if I leave TSA?
  Yes, if you sign up for the credit monitoring services they will cover you for a year from the sign-up date regardless of who your employer is during the year.

All Employee Concerns

• How can I tell if my information was compromised?
  At this point there is no evidence that any missing data have been improperly used. However, the Administrator is asking all employees to be extra vigilant and to carefully monitor bank statements, credit card statements, and any statements related to recent financial transactions. If you notice unusual or suspicious activity, you should report it immediately to the financial institution involved and file a report with your local police.
• Will TSA provide the one-year identity theft protection for former employees or only current ones?
  Identity theft protection is available only for current and former employees who were employed from January 2002 to August 2005. TSA is working closely with the vendor to ensure they have the information they need to verify that an individual is a current or former TSA employee.
• Are my travel reimbursements or FSA payments affected as well as my direct deposit?
  If your travel payments have the same banking information as your payroll, and you chose to change your banking information, you will have to fill out a new form for your travel payments also. The link is here if you choose to make that change: https://www.fincen.uscg.mil/secure/enrollment_form.htm
• Were travel cards compromised?
  No, travel card information was not included on the hard drive.
• How will former employees get this information?
  TSA's human resources contractor Accenture will reach out to current and former employees with information about the data breach and what they can do. For those employees who are hearing about this situation for the first time, we encourage you to go to TSA's web site www.tsa.gov to learn more.
• How many people are affected?
  Approximately 100,000 individuals were possibly affected.
• Is my Thrift Savings Plan (TSP) account compromised?
  No. There is no information on the hard drive related to your TSP.
• Will TSA pay for the fees charged when ordering new checks for new accounts and other expenses or losses?
  No. This not included in the fraud protection provided by TSA.

TSA's Response

• Why did TSA wait a day to notify its employees of the breach?
  TSA acted quickly and thoughtfully to first gather all the facts and take the steps necessary to ensure the hard drive was not simply misplaced. While this was underway TSA began working with the Department of Homeland Security, Secret Service and other federal entities to take the steps necessary to investigate the potential breach and protect employees. Once TSA had a fuller picture of the situation and mechanisms in place to inform their workforce and assist them with their needs, the agency notified its employees of the potential breach and soon after provided information on how they can protect themselves.
• What is TSA doing to ensure this security breach does not happen again?
  TSA is investigating this incident and is reviewing its policies and procedures to prevent future occurrences. TSA is committed to maintaining the privacy of employee information and takes many precautions for the security of personal information. TSA has zero tolerance for employees not following policies on data protection and will take swift disciplinary action, including dismissal, against individuals found to be in violation of our procedures.
• Why would TSA need this archived data readily available?
  It is necessary for the Office of Human Capital to frequently access this data to address employee compensation concerns.

Investigation

• Does TSA know if this hard drive was stolen?
  The hard drive is missing, and in an abundance of caution TSA is treating this as a criminal matter. The FBI and U.S. Secret Service are assisting in the forensic review of equipment and the facility.
• How can you be sure no passenger data was exposed?
  This drive was only used by TSA's Office of Human Capital and was only used to store employee data.
• Were the identities of federal air marshals compromised?
  Employee data for TSA employees at all levels and positions, who were employed between January 2002 and August 2005, are contained on the missing hard drive. This includes federal air marshal employee data. However, the information contained on the hard drive would require extensive inside knowledge to identify any employee by job category, including a federal air marshal.
• How should federal air marshal service employees obtain additional information?
  Instead of calling the TSA Peopleline, federal air marshal employees should call 1-609-909-5700 with any questions they may have.
• Have any personnel actions been taken?
  It is not appropriate to comment on personnel actions during the investigation and until due process is carried out. Rest assured this matter is being taken very seriously. TSA has zero tolerance for employees not following policies on data protection and will take swift disciplinary action, including dismissal, against individuals found to be in violation of our procedures.
• What data was included on the hard drive?
  Employee pay information, name, Social Security number, date of birth, salary, deductions, leave information, bank account and routing information.
• What measures were in place to protect the hard drive containing employee information? Were the data encrypted? If not, why and if it was encrypted why is there a security concern?
  TSA is investigating this incident to determine if data security procedures were followed. TSA is committed to maintaining the privacy of employee information and takes many precautions for the security of personal information. TSA has zero tolerance for employees not following policies on data protection and will take swift disciplinary action, including dismissal, against individuals found to be in violation of our procedures.
• What steps has TSA taken to assist and educate employees?
  TSA employees are encouraged to go to the TSA web site to get the latest updates on the breach and information they can use to protect their personal information. The site has links that will allow employees to sign up for one year of free credit monitoring, the proper steps to take to protect your bank account, and learn more about protecting against identity theft.
• Is TSA liable if my identity is stolen?
  Through the Identity Force program all current and former employees impacted by this data breach will be protected from identity theft. This service includes credit monitoring, ID theft insurance up to $25,000, fraud alerts and identity restoration specialists who will complete paperwork, notify creditors and make calls to clear your good name in the event you are a victim of identity theft.
• How many other external hard drives or laptops have employee information and are they protected?
  As a large organization with more than 50,000 employees located at hundreds of offices around the world it is necessary to have these data available to accomplish personnel actions. TSA has stringent data security protocols in place and is redoubling its efforts to ensure these high standards are being practiced.