Personal Data of 26.5M Veterans Stolen & Recovered

Shootin' the breeze, chewin' the fat, general chit-chat
Post Reply
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Personal Data of 26.5M Veterans Stolen & Recovered

Post by Keith Holman »

...and it appears to include you!
May 22nd - 2:26pm

By HOPE YEN
Associated Press Writer

WASHINGTON (AP) - Personal data, including Social Security numbers of 26.5 million U.S. veterans, was stolen from a Veterans Affairs employee this month after he took the information home without authorization, the department said Monday.

Veterans Affairs Secretary Jim Nicholson said there was no evidence so far that the burglars who struck the employee's home have used the personal data _ or even know they have it. The employee, a data analyst whom Nicholson would not identify, has been placed on leave pending a review.
More Information Available Here
Last edited by Keith Holman on Thu Jun 29, 2006 6:44 pm, edited 1 time in total.
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

Another source of additional information:
http://www.firstgov.gov/veteransinfo.shtml
~Keith
Reunion Association President
Sorrem
Moderator
Posts: 10
Joined: Fri Oct 28, 2005 3:40 pm
First Name: Richard
Last Name: Sorrem
Crew?: Gold
Which Years on Board: 1984-87
Rate: QM

Post by Sorrem »

My question is why in the heck would our information leave the main frame and be on some yaho's computer which he takes home. There should be a law made up to protect our information to keep it form being copied and removed from the main frame. Now they spread it over the news and if the crooks didn't know what they had they do now.
Rich
Live
For the
Future

Gold 84-87 QM
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

Since this story is local to me, it's probably gotten a bit more play than in some other areas. A couple of things I found worthy of note.

1) There was an internal VA debate over whether or not to take the chance of tipping the crook off to what he/she had. The decision was based on the balance of damage to the many who didn't know they were at risk vs. the possibility that the crook didn't know. It was decided that it was more important to let folks know that we are at risk than take the chance that nothing would happen.

2) Different Government agencies have different rules and penalties. Had the employee worked at IRS and taken the same information home, he would currently be without a job AND in jail. After that had taken place, they would begin asking questions. VA operates differently.
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

VA hit with two class-action suits over data theft

BY Bob Brewin
Published on June 6, 2006
The Department of Veterans Affairs faces two class-action lawsuits related to the theft of information on 26.5 million veterans last month.


The Vietnam Veterans of America (VVA) and four other veterans groups have filed a class-action lawsuit against the VA seeking $1,000 in damages for each veteran who can show that he or she has been harmed by the data theft.


Last week, Paul Hackett, a Marine reservist from Cincinnati, Ohio, who served in Iraq, and Matthew Page, from Boone County, Ky., filed a class-action lawsuit against the VA in the U.S. District Court for the Eastern District of Kentucky. It, too, seeks $1,000 in damages for any veteran damaged by the data theft.
More info and available links here
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

Lost IRS laptop stored employee fingerprints
Hundreds notified they are at risk of ID theft, including some applicants
By Bob Sullivan
Technology correspondent
MSNBC
Updated: 4:46 p.m. ET June 5, 2006

A laptop computer containing fingerprints of Internal Revenue Service employees is missing, MSNBC.com has learned.
Full story here
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

VA to offer free credit monitoring

Post by Keith Holman »

From Government Computer News
By Mary Mosquera , GCN Staff
The Veterans Affairs Department will provide one year of free credit monitoring to people whose sensitive personal information may have been stolen in the recent theft of sensitive data from an employee’s home. The credit monitoring will become available in mid-August.

“Free credit monitoring will help safeguard those who may be affected,” VA secretary Jim Nicholson today at a briefing for reporters

VA this week will solicit bids from companies on an expedited basis to provide comprehensive credit monitoring. VA will send a detailed letter in mid-August to those whose sensitive information may have been included in the stolen data, with details about credit monitoring and how they may opt in for the service.

Additionally, VA plans to hire a contractor to provide data breach analysis, which will look for possible misuse of the stolen VA data. The contractor would provide more intensive and continuous monitoring than VA has been able to do, Nicholson said. The analysis would help measure the risk of the data loss, identify suspicious use of identity information and expedite full assistance to affected people.

VA programmed $25 million for the initial mailing to notify affected individuals and for service calls at call centers, Nicholson said. Of that, VA has spent $14 million so far—$7 million for the letter and $7 million for the call centers. VA sent letters to 17.5 million individuals, the number distilled after accounting for duplication, invalid Social Security numbers and deceased individuals.

“There haven’t been as many calls as we expected. There is concern, starting here at VA, but there’s not panic,” Nicholson said. Since May 22, the centers have logged 200,000 calls, a VA spokesman said.

VA is no closer to recovering the laptop, but federal investigators believe it is unlikely that identity theft has resulted from the data theft, Nicholson said.

To emphasize the importance of security, VA is planning a departmentwide Security Awareness Week beginning June 26, and annually thereafter. VA will conduct briefings with employees to address the proper and secure use of equipment at home, reminders of the impact of data security failures, proper handling and disposal of sensitive data in electronic and paper forms, and the consequences to individuals of data breaches.
Finally.
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

RECOVERED

Post by Keith Holman »

FBI recovers stolen VA laptop
06/29/06 -- 09:48 AM
By Mary Mosquera,


Vets' personal data seems to be intact

|Originally posted at 10:48 a.m. and updated at 12:16 p.m.|

(Updated) The Veterans Affairs Department said today that law enforcement officials had recovered the stolen laptop containing the personal data of more than 26 million veterans, and that initially it looks as though the data has not been accessed.

Prior to a hearing of the House Veterans Committee on the current status of the data theft, Department secretary James Nicholson said the deputy U.S. attorney general had told him that the stolen laptop and hard drive had been found, and officials were performing a forensic examination to determine whether the information had been used.

“This is a positive note in this tragic, epic event,” Nicholson said. "They said there is reason to be optimistic that data has not been compromised."

The FBI said in a statement that a preliminary review of the equipment by the computer forensics team has determined that the database remains intact and has not been accessed since the laptop was stolen.

A more thorough forensics examination is under way, and the results will be shared as soon as possible, FBI officials said.

“We are trying to finish the forensics investigation as soon as possible,” added FBI spokeswoman Michelle Crnkovich.

Crnkovich added that the U.S. Park Police received a tip about the stolen laptop based on flyers distributed by Montgomery County, Md., police. The person who had the laptop then turned it in to the FBI, she said.

VA reported in May that a thief had stolen a laptop and hard drive from a career department employee’s home. The hardware included names, Social Security numbers and dates of birth of 26.5 million veterans who had served in the military and been discharged since 1975.

Since VA reported the theft, the FBI and the Montgomery County police have been trying to track down the laptop, hard drive and culprits.

Additionally, VA has been trying to upgrade its security practices and procedures. Nicholson has announced a number of changes it is implementing.

“[Finding the laptop] will not change the urgency of strengthening data security,” Nicholson said today at the hearing.

VA’s data breach began a string of breaches across agencies, including the Agriculture Department, the Navy, the IRS and, most recently, the National Institutes of Health’s credit union.
http://www.gcn.com/online/vol1_no1/41204-1.html
~Keith
Reunion Association President
Fred/Charline Huwe
Posts: 56
Joined: Fri Oct 28, 2005 12:03 am
First Name: Fred M.
Last Name: Huwe
Crew?: Blue
Which Years on Board: 1966-71
Special Crew?: Neither
Rate: MM-Nuke

Stolen Laptop

Post by Fred/Charline Huwe »

It is really great that the laptop has been found, but it shouldn't have had VA info on it in the first place. We have heard nothing about what will or has happened to the person who took this info home. At the least, he or she should be fired, but since no mention has been made of this, we will presume that very little punishment was doled out.
Fred and Charline Huwe
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

No surprise that this is daily news in the Washington area. National politics almost always is plus there is a high concentration of vets here. Anyway, the Washington Post has numerous stories on the theft and resulting fallout.

Data security at all agencies is getting additional scrutiny right now and VA has been ranked low even before this occurred.

As to some of the personnel involved, the Post reports:
Pedro Cadenas Jr., the VA official in charge of information security, resigned yesterday for personal reasons, VA officials said. Earlier, a high-ranking political appointee was dismissed and a longtime career manager was forced to retire.
Rep. Bob Filner (D-Calif.) said yesterday that three VA documents obtained by the Veterans Affairs Committee indicate that the data analyst was authorized to take a laptop home and use a software package to access the data. That contradicted Nicholson's previous testimony that the employee was not authorized to have the information at home.

"He got all the approvals that he was supposed to have," Filner said. "I don't know of a policy that he violated, if you'll tell me one. And that's the real negligence -- that there were no policies."

Nicholson said he had not seen the documents, and declined to comment because the career analyst is challenging Nicholson's decision to fire him.

Tim S. McClain, VA's general counsel, told the panel that one of the documents did not apply to the laptop that was stolen. He acknowledged that the other documents granted the analyst access to Social Security numbers and permitted him to have software at home.

Jim Mueller, commander-in-chief of the national Veterans of Foreign Wars, applauded the equipment's recovery, but said in a statement that Nicholson still has much to do to repair the agency's reputation.
Those quotes are from
this article.
~Keith
Reunion Association President
Keith Holman
Site Admin
Posts: 306
Joined: Sat Oct 15, 2005 7:43 pm
First Name: Rufus Keith
Last Name: Holman
Crew?: Combined and Blue
Which Years on Board: 1980-84
Special Crew?: Neither
Rate: MM1 M-Div
Contact:

Post by Keith Holman »

Hopefully, this will be the end of this chain.
Government Computer News reports that FBI's forensic evaluation indicates that none of the data was accessed or compromised before the stolen laptop was returned. See story here
I hope they're right.
~Keith
Reunion Association President
Post Reply