On March 27th, 2019, the SBTC Reported a Data Breach by the UCR Board of Directors to the Secretary of Transportation's USDOT Privacy Officer and the FMCSA Administrator. On March 29th, 2019, the FMCSA's Counsel's Office responded, advising the SBTC the agency is investigating the matter.
From: "Fromm, Charles (FMCSA)" <firstname.lastname@example.org>
Date: Fri, Mar 29, 2019 4:45 pm
To: "email@example.com" <firstname.lastname@example.org>
Cc: "Gutierrez, Avelino" <email@example.com>, "firstname.lastname@example.org" <email@example.com>, "firstname.lastname@example.org" <email@example.com>, "firstname.lastname@example.org" <email@example.com>, "Chao, Elaine L." <Elaine.L.Chao@dot.gov>, "Martinez, Raymond P. (FMCSA)" <Raymond.Martinez@dot.gov>, "Privacy, OST (OST)" <firstname.lastname@example.org>, "email@example.com" <firstname.lastname@example.org>
Subject: RE: [EXT] Unauthorized use and public release of my Social Security Number by the UCR Plan
FMCSA takes your concerns below regarding the alleged release of your SSN by USDOT/FMCSA very seriously. We are investigating this incident and will take the necessary steps to address the matter.
Charles J. Fromm
Deputy Chief Counsel
Federal Motor Carrier Safety Administration
SBTC Blows Whistle on UCR Board's Alleged Public Exposure of Truckers' Social Security Numbers
--SBTC President James Lamb
WASHINGTON (PRWEB) March 27, 2019
James Lamb, the president of the Small Business in Transportation Coalition ("SBTC"), a 501(c)(6) non-profit business league operating through the domain
announced today that his transportation industry watchdog trade group has reported to federal privacy officials that it has allegedly discovered that the Unified Carrier Registration ("UCR") Board of Directors ("Board") has been publicly releasing independent truckers' social security numbers through its website
Lamb said the SBTC reported the matter to the United States Department of Transportation's ("USDOT") Office of the Inspector General ("OIG"), which, in turn, referred him to the USDOT Privacy Director. Accordingly, Lamb filed a complaint with the USDOT Privacy Director and the United States Department of Justice (USDOJ) on behalf of the trucking industry, alleging that the Federal Motor Carrier Safety Administration (FMCSA) has, for years through the Iteris "UCR Link" system, been releasing truckers' social security numbers to the UCR Board of Directors through its tech platform contractors Indiana Department of Revenue and SeikoSoft, which implements the interstate UCR Agreement, and that the Board since March 1, 2019, has been making truckers' social security numbers publicly available through the Board's website
hosted by SeikoSoft.
Lamb said the SBTC's lobbyist has today notified the Congressional oversight committees and has requested an investigation into this matter.
"The SBTC is ever on the look-out for government fraud, waste, mismanagement, and abuse. That includes private non-profit organizations like the UCR Plan charged with administering interstate agreements. It is the policy of the SBTC to expose all unlawful activities and improprieties by government agencies and private entities alike." Lamb added.
In the interest of protecting truckers' information, Lamb said he would leave it to the USDOT to advise the public how, specifically, the breach occurred to afford the government time to effect termination of the Board's alleged release of information. Truckers concerned that their social security numbers may have been publicly exposed in violation of the Federal Privacy Act of 1974 may contact USDOT via privacy(at)dot.gov and/or the USDOJ: privacy(at)usdoj.gov.