Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Submission + - Massive security breech at US Federal Government contractors site (

dstates writes: SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Last night, thousands of SAM users received the following message:

"Dear SAM user

The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels."

From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services administration says that they have fixed the problem, but this is a serious black eye for the Fed.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Massive security breech at US Federal Government contractors site

Comments Filter:

You are in the hall of the mountain king.