Eideard

Federal workers at the General Services Administration are on alert against identity theft after an employee sent the names and Social Security numbers of the agency’s entire staff to a private e-mail address.

The agency, which manages federal property, employs more than 12,000 people. Officials apologized to employees for the incident in a letter dated Oct. 25 — almost six weeks after the breach occurred. The agency said it had paid for employees to enroll in a one-year program to monitor their credit reports, along with up to $25,000 in identity theft insurance coverage.

The letter was signed by Casey Coleman, the chief information officer, and Gail Lovelace, the agency’s senior privacy official. Neither returned calls or e-mails for comment.

They issued a statement about continuing to “evolve our protocols” to protect employee privacy. They should try limiting access to sensitive data to people who know where the on/off switch is on their computer.

Documents show that officials first notified employees on Sept. 28. But workers who spoke with The New York Times said they did not learn of the incident until early November, when the letters arrived in the mail. Previous notices had been sent as security alert e-mails, which employees said they received frequently and often ignored…

The agency explained to employees that one worker had apparently transmitted the file containing the personal data by accident while seeking “work-related assistance,” and that it had not been forwarded. Those involved had cooperated, and the computer that received the data was scrubbed clean by agency technicians.

Uh-huh.