Thanks to Equifax breach, 4 US agencies don’t properly verify your data, GAO finds

Multiple government agencies are relying on a security measure that can be easily bypassed thanks to massive breaches like the Equifax hack, the US Government Accountability Office has found. In a report released Friday, the government watchdog group found that the US Postal Service, the Department of Veterans Affairs, the Social Security Administration and the Centers for Medicare and Medicaid Services have still been using “Knowledge-Based Verification” to make sure people who apply for benefits online are authentic. This verification method asked applicants questions like their date of birth, Social Security numbers and addresses, assuming that only the applicant would have that information. But in Equifax’s breach in 2017, that information had been stolen from 145.5 million Americans, rounding out to more than half the US population. That exposed many federal agencies using Knowledge-Based Verification to widespread fraud, as potential attackers could use the stolen information to apply for benefits and get replacement Social Security cards, the GAO found. In 2017, the National Institute of Standards and Technology started advising against that verification method.Lawmakers asked the government watchdog to review how many federal agencies were still using the outdated verification method after the Equifax breach. While the IRS and the General… Read full this story

Thanks to Equifax breach, 4 US agencies don't properly verify your data, GAO finds have 266 words, post on www.cnet.com at June 14, 2019. This is cached page on Konitono Deal. If you want remove this page, please contact us.