The agency’s Office of the Inspector General found that the Department of Homeland Security has ways to safeguard and share sensitive data and properly acted once it learned about the alleged exposure.
The Office of the Inspector General for the Department of Homeland Security issued an inspection report on Monday following the alleged exposure of DHS’s terrorist watchlist data, which the department learned about in July of 2021.
The report, entitled “DHS Has Controls to Safeguard Watchlist Data,” was launched following the purported exposure of more than 1.9 million federal terrorist watchlist records. A social media post claimed that these watchlist records were exposed publicly online and contained sensitive information and identifier information. In response, OIG launched an investigation to determine if DHS effectively safeguarded and shared this terrorist screening data.
As noted in the report, DHS uses and shares the terrorist screening data to fulfill its functions, such as counterterrorism, law enforcement, border security and inspections. The watchlist is shared across the U.S. government and other law enforcement agencies to identify known or suspected terrorists trying to enter the U.S., obtain visas or board an aircraft.
According to the report, the OIG “determined the Department of Homeland Security has an approach to safeguard and share terrorist screening data.” It confirmed that the department’s policies and procedures are in compliance with federal standards to safeguard sensitive data, including the data of the alleged exposure, that is used, stored and shared by DHS.
OIG also stated that DHS acted appropriately by promptly notifying the Federal Bureau of Investigation’s Terrorist Screening Center, which owns the terrorist watchlist records. OIG added that DHS was not involved in the purported incident.
DHS did not respond to OIG’s report, which does not offer any recommendations.