The Federal Emergency Management Agency said Friday the agency accidentally shared the sensitive information of some 2.5 million survivors, including personal addresses and bank information, according to a new report.
The government agency, which is responsible for assisting areas affected by natural disasters, wrongly gave the sensitive information to a contract vendor, reported the Washington Post. FEMA called it a “major privacy incident,” saying that the agency “provided more information than was necessary” to the contractor.
“We believe this oversharing has impacted approximately 2.5 million disaster survivors,” said a Department of Homeland Security official.
Agency officials said that as soon as they were notified of the breach, they stopped sharing information with the contractor. FEMA says it conducted a thorough investigation into the contractor’s information system where the data had been stored and determined that the information had not been compromised by any outside groups.
FEMA press secretary Lizzie Litzow issued a statement Friday admitting to the mistake, saying that FEMA has taken measures to ensure the integrity of the data involved in the breach.
“FEMA’s goal remains protecting and strengthening the integrity, effectiveness, and security of our disaster programs that help people before, during, and after disasters,” Litzow said in the statement.
Victims of the California wildfires and Hurricanes Harvey, Irma, and Maria were affected.
