National Union Sues TSA Over Security BreachNational Union Sues TSA Over Security Breach

Just as a federal workers union filed suit against the Transportation Security Administration for putting 100,000 employees at risk for identity theft, three politicians leveled questions at the Secretary of Homeland Security about the TSA's data breach.

The TSA, which is the federal agency charged with safeguarding the nation's airports, announced last week that it has lost an external hard drive containing the personal and financial information of 100,000 current and former employees. The hard drive was found missing from a controlled area at the TSA Headquarters Office of Human Capital on May 3. U.S. Secret Service agents have been investigating.

This week, the American Federation of Government Employees filed a class action lawsuit against the TSA over the incident. The union contends the data loss is a breach of the Privacy Act of 1974 and the Aviation and Transportation Security Act, according to an advisory on the union's Web site.

"TSA's reckless behavior is clearly in violation of the law," said union president John Gage, in a written statement. "TSA must be held liable for this wanton disregard for employee privacy."

In the lawsuit, the union, which represents workers in the Department of Homeland Security and the TSA, asks that the administration be ordered to create new security procedures, specifically electronically monitoring any mobile equipment that stores personnel data and encrypting personnel data.

"The maintenance and safeguarding of personnel data is vital to the protection of security at our nation's airports," said Gage. "If the stolen information were to fall into the wrong hands, false identity badges easily could be created in order to gain access to secure areas. This is the Department of Homeland Security we are talking about. The American people look to DHS for security and protection. A DHS agency that cannot even shield its own employee data is not reassuring."

Pressure on the TSA continued to mount on Thursday when Rep. Bennie G. Thompson (D-MS), chairman of the Committee on Homeland Security, Rep. Ed Markey (D-MA), and Rep. Sheila Jackson Lee (D-TX), chairwoman of the Subcommittee on Transportation Security and Infrastructure Protection, sent a letter to Secretary of Homeland Security Michael Chertoff regarding the security breach.

"This incident, coupled with the TSA's failure to secure a Web site designed to help travelers resolve potential cases of mistaken identity, suggests that TSA is inadequately and improperly securing sensitive information," the letter in part reads. "These data security lapses are unacceptable, and they reflect the department's dismal record in data privacy and information security."

The letter goes on to ask Chertoff if the information on the missing hard drive was encrypted and how long the agency maintains information on former employees.

"This terrible incident at TSA does not give any peace of mind to its thousands of employees nor the American public it serves on a daily basis," said Thompson in a written statement. "If TSA cannot keep track of equipment with sensitive data, it is difficult to understand how the American public can expect TSA to protect and secure our nation's transit, aviation, and rail systems."