Skip to Content
personal information released from victims of Hurricanes Harvey, Irma, Maria and California wildfires
Security & privacy

FEMA exposes millions of disaster survivors’ data in ‘major privacy incident’

It’s safe to say that data breaches, whether accidental or deliberate, are out of control. It’s only March, but take a look at some of the incidents that have already happened this year.

The problem is getting so bad that the government is becoming more involved, even going as far to threaten regulations against Facebook over their carefree attitude regarding your data. But as much as the government says they want to help get a handle on the situation, they can also be negligent when it comes to our sensitive information.

Only days ago, a government watchdog report revealed a “major privacy incident” involving a massive government agency. To add insult to injury, this data exposure affects millions of disaster victims.

What information did FEMA leak?

In a report just released by the Department of Homeland Security’s Office of Inspector General, acting Inspector General John V. Kelly found that the Federal Emergency Management Agency (FEMA) shared a ton of sensitive information on disaster survivors. It wasn’t a short list of people, either. This breach involved about 2.3 million victims of four major disasters that happened in 2017, including Hurricanes Harvey, Irma and Maria along with major wildfires in California.

The report says this impacted people who used FEMA’s Transitional Sheltering Assistance program, which helps place victims in temporary housing such as hotels following disasters. Personally identifiable info was exposed like names, addresses, partial Social Security numbers and banking information when it was shared with a private contractor managing the program.




The report didn’t sugarcoat the incident, saying this breach happened because proper safeguards weren’t taken. They said the contractor, which wasn’t identified in the report, could have told FEMA they were being sent information that wasn’t necessary, putting an end to this situation much earlier. It also said FEMA needs to make sure data like this won’t be shared with outside contractors again.

How to protect your information from data breaches

A lot of this information is very sensitive, and not something you want in the hands of criminals. Although it should go without saying, the report reads that this breach puts victims “at increased risk of identity theft and fraud.” They’re absolutely right.

If something like this happens to you, there are some immediate steps to take while also keeping an eye out for any suspicious activity in the months following. Even if you don’t think your data has ever been exposed, be proactive. We have plenty of resources to help.

Depending on details of the breach, make sure your email addresses and passwords aren’t compromised. Regardless, make sure you’re using different passwords for your online accounts and shut down the ones you no longer use. Use two-factor authentication (2FA) whenever possible.

Monitor your finances, like bank and credit card statements, watching for any unusual activity and possible scam attempts such as phishing emails. You might even consider a credit freeze in more serious cases.




And make sure you’re running strong security software.

To read the report involving the FEMA breach, click here.

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started