SAM.GOV Identifies Security Vulnerability

Software patch closes security breach.

Recently, U.S. GSA officials identified a security vulnerability in the System for Award Management (SAM), which could allow some existing users in the system to view certain registration information of other users. The System for Award Management is a federal government-wide procurement system that acts as a data source for vendor, contract award and reporting information.   Immediately after the vulnerability was identified, GSA implemented a software patch to close this exposure. GSA is undertaking a full review of the system and investigating any potential additional impacts to registrants in SAM. The security breach happened over two days. The security of this information is a top priority for GSA as well as SBA and will continue to ensure the system remains secure. It is unclear how many businesses were affected, but as a precaution, GSA is offering the users at higher risk, access to credit monitoring services. The most vulnerable users are those that use a Social Security Numbers as a Taxpayer Identification Number and that “opted in” to public search. All registered SAM users were made aware of the situation, but no foreseeable potential harm was identified from the vulnerability. No one's data could be edited. At this time, GSA is undertaking a full review of the system and investigating any potential additional impacts to registrants in SAM. SBA officials are in close contact with GSA staff to determine next steps. For more information, please visit http://www.gsa.gov/portal/content/167855 and starting Monday, March 18, at 8 a.m., people may call the FedInfo hotline at 1-800-FED-INFO for immediate support.