The Federal Emergency Management Agency wrongly released the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires.
A Homeland Security Department’s Office of Inspector General report found the breach occurred when FEMA was working with a contractor that helps provide temporary housing to those affected by disasters.
The contractor was given names, last four digits of a Social Security number and how many people live in a household, which are are required to confirm eligibility and locate housing for victims. But FEMA also provided the contractor with bank names, electronic funds transfer numbers and bank transit numbers that were not required, the report said.
The report included information on 2.3 million people that were affected through Hurricanes Harvey, Irma, Maria and California wildfires.
The report also said that FEMA violated both federal privacy laws and Homeland Security policy by giving the extra data to the contractor.