The Federal Emergency Management Agency (FEMA) failed to properly secure the personal information of millions of victims of hurricanes and wildfires, according to a federal watchdog agency.
The news, released Friday by the Department of Homeland Security’s Office of the Inspector General, includes survivors of the 2017 California wildfires.
FEMA officials haven’t yet to provide an estimate of how many California survivors were affected.
FEMA is certainly not alone in failing those who’ve trusted the agency with the task of safeguarding their sensitive information.
Data breaches are a pervasive and alarming drawback of today’s information economy. In 2018 alone, billions of people were affected by data breaches and cyberattacks, according to the global security firm Positive Technologies.
Part of the problem has been the federal government’s failure to institute penalties for corporations and institutions that fail to safeguard consumers and citizens’ data.
Against this backdrop, the great danger is that the country will simply throw up its hands at the onslaught of security breaches instead of insisting on stronger protections.
We can’t afford to do that, and the FEMA breach shows why.
The victims of the FEMA breach — who include survivors of hurricanes Harvey, Irwin and Maria in addition to the California wildfires — had surely suffered enough hardship before the government failed to properly secure their data. (FEMA has said it hasn’t found any evidence of identity theft yet, but the losses reported — names, home addresses, bank names, bank transfer and transit numbers — certainly leave the victims open to that likelihood.)
These victims were not in a position to avoid help, and now they may pay for it with the loss of their good credit and their identity online.
If the federal government can’t get cybersecurity right for the victims of a natural disaster, it’s not taking this issue seriously for any other citizen, either.
This commentary is from The Chronicle’s editorial board. We invite you to express your views in a letter to the editor. Please submit your letter via our online form: SFChronicle.com/letters.