Information Week reports “Federal Agent Indicted For Using Homeland Security Database To Stalk Girlfriend”. From the article:
Benjamin Robinson, 40, of Oakland, Calif., was indicted by a federal grand jury in San Jose Wednesday in connection with allegations that he accessed a government database known as the Treasury Enforcement Communications System (TECS) at least 163 times to track a woman’s travel patterns. He is being charged with making a false statement to a government agency, and unlawfully obtaining information from a protected computer. Robinson faces a maximum of 10 years in prison and a fine of $500,000.
Unfortunately, the audit controls on all these DHS computer databases are probably laughably poor, since information management and access policies are difficult to create, especially when there is too much implicit trust in an organization. I suspect this is not an isolated incident, and it is probably very difficult to catch this sort of behavior.