A flaw in a government contracting database might have allowed vendors or federal workers to steal other vendors’ financial information and trade secrets.
Late Friday, the General Services Administration said in a statement that GSA officials found “a security vulnerability” in a registration system “which could allow some existing users in the system to view certain registration information of other users.” The potential exposure was first reported by Federal News Radio on Friday.
The database, called the System for Award Management, or SAM, currently catalogs, among other things, central contractor registration records that include personal and banking information, company financials, and codes that grant access to a past performance rating system.
GSA Spokeswoman Jackeline Stewart told Nextgov “all registered SAM users were made aware of the situation.” She would not disclose the number of system users but an estimated 600,000 companies currently are registered in the database. The security loophole “was reported to GSA” on March 8 and fixed on March 10, agency officials stated.
- For the latest news involving SAM, please visit: http://contractingacademy.gatech.edu/tag/sam