Media Advisory: Member Portal Data Incident
American Foreign Service Protective Association
Contact: American Foreign Service Protective Association Compliance Department
eMail: [email protected]
A data incident stemming from scheduled, weekend Member Portal maintenance that affected 1 percent of American Foreign Service Protective Association members was discovered on the morning of June 28.
An investigation of the incident determined a Microsoft security tool malfunctioned causing it to recognize member information as standard portal language (i.e. field prompts). This resulted in a small subset of AFSPA members being able to view other members’ data.
The information was limited to member names, addresses, email addresses, dates of birth, dates of service, and member identification numbers. It did not include Social Security Numbers or financial information.
This incident was not malicious in nature and there is no evidence, to date, that any information was misused.
Following the discovery of the incident, AFSPA immediately disabled the Member Portal and began an investigation. Since then, the faulty tool has been disabled, the Member Portal reinstated and affected members notified.