Submission + - Massive security breech at US Federal Government contractors site (gsa.gov)
"Dear SAM user
The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels."
From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services administration says that they have fixed the problem, but this is a serious black eye for the Fed.