“We have an inclination that, based on what the company has been telling us, there has been a spill…” a senior administration official
No not oil, this time it’s a security “spill” the administration official is speaking about. For the second time since March computer security at USIS has been breached in what is thought to be a “state-sponsored” attack. It isn’t known what was accessed or how much information was taken.
But what is USIS? What’s USIS? Think for-profit security services company contracted by Department of Homeland Security (DHS). Members of its staff conduct individual background security clearance checks – thousands of them – for the federal government.
The breach, discovered recently, prompted DHS to suspend all work with USIS as the FBI launches an investigation. It is unclear how many employees were affected, but officials said they believe the breach did not affect employees outside the department. Still, the Office of Personnel Management has also suspended work with the company “out of an abundance of caution,” a senior administration official said.
Officials said that, although the DHS encrypts the employee data it sends USIS, it’s unclear whether the data remain encrypted.
Maybe the company hasen't tightened up its operations after checking and clearing both Edward Snowden and the employee shooter at the Washington Navy Yard. But whether it has or not, USIS has recently been awarded a contract for $190 million to provide security-related services for the DHS immigration system.
Not unexpectedly, some members of Congress are making appropriate noises about launching an investigation. But while waiting (… and waiting …) for Congress to act, let’s see what background Google has on this for-profit business partner in our "homeland’s" security (call it quaint, but the term “homeland” still makes me cringe).
Along with two other security-screening-based companies, Koll and Hireright, USIS (formerly known as US Investigations Services, Inc.) is owned by Altegrity. That company is owned by a private equity firm, Providence Equity Partners. This self-described “family” of companies works to…
enable our customers to reduce risk, maximize opportunities, and make better decisions by gathering, processing, and analyzing information; sharing our subject matter expertise; and providing our proven training techniques.
And even though its “parent” company is a private equity firm, Altegrity is up to its assailable security clearance in debt – $2 billion worth, according to reports. The company does have a diabolically clever plan to get out of debt.
Paying off old debt with new, to give the company more time to turn things around, it appears. The company repaid $1.45 billion, taking out a new $1.16 billion bank credit, $60 million of which is due April 2019 and $1.1 billion due three months later. [emphasis added]
It also has another $22 million in debt due in 2015, $29 million due in 2016, $480 million due in 2020, and $61 million in 2021.
This debt profile is considered unsustainable by two business rating services – and Altegrity, they point out, is at the mercy of US government contracting decisions. On top of all that, USIS has been investigated for its security failures in the Snowden case. And in April the Justice Department sued them for fraud.
With a record like this, should anyone be shocked that security “spills” from USIS follow one after another? The real question is, why do lucrative DHS contracts with such an ineptly run company follow, one after another ?