Forgot your password?
typodupeerror
Government

+ - Massive security breech at US Federal Government contractors site->

Submitted by dstates
dstates (629350) writes "SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Last night, thousands of SAM users received the following message:

"Dear SAM user

The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels."

From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services administration says that they have fixed the problem, but this is a serious black eye for the Fed."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Massive security breech at US Federal Government contractors site

Comments Filter:

Staff meeting in the conference room in 3 minutes.

Working...