SAM Security Vulnerability

It was recent identified that the System for Award Management (SAM) has a security vulnerability.  ACTIONS MAY BE NEEDED, KEEP READING

GSA stated “registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels.”

Names, taxpayer identification numbers (TINs), marketing partner information numbers and bank account information for about 183,000 individuals.

Although Identity theft is usually associated to individuals, it can also target companies.  There is a GSA bulletin that mentions the software problem was discovered on March 8, 2013.  It was fixed two days later and GSA explains it is  doing a “full security review” of the system.  Currently, there is no information on that bulletin how long the vulnerability existed or why there was a gap of days between fixing the problem and notifying users.

POSSIBLE ACTIONVendors using their social security numbers instead of a TIN may be at greater risk for potential identity theft. All users with SSN being used will receive an email from GSA/SAM with instructions to obtain credit monitoring resources at no charge.

For additional information, see the SAM security vulnerability FAQs. Also, starting Monday, March 18, at 8 a.m., you may call the FedInfo hotline at 1-800-FED-INFO for immediate support.  For more information visit the GSA page.

 

Connect With Coley

*Email:



*What are you Interested In?




You have Successfully Subscribed! Someone from Coley will be in contact with you shortly.

Pin It on Pinterest

Share This