Personal Information of 26.5 Million Veterans Lost by VA Employee

A senior Veteran's Affairs official was somehow in possession of the personal information (SS#, Names, DOB) of up to 26.5 million veterans, that is, until the hard drive was alledgedly stolen from his home. The data has not been recovered, and the VA is sending letters to those veterans who might be compromised. No indication yet why the employee had this information in his personal possession, but the official has been placed on leave while the matter is investigated.



Well, would it be overly paranoid of me to say I smell a rat? Why did s/he have this in the first place? Is there a reasonable explanation for such a breach of security?

What are the chances that s/he sold the information, got caught out in regards to the missing hard drive, and now claims it was a burglary? That's my bet, for now.

It's pretty ridiculous, all the data losses in recent years. I think by now everyone in the country has been compromised, or very nearly.

Additional information on when the theft supposedly took place.

story.news.yahoo.com...

Nicholson said the theft of the data took place this month, but declined to identify the employee or the location of the burglary.

[edit on 22-5-2006 by WyrdeOne]

[edit on 22-5-2006 by WyrdeOne]

[edit on 22-5-2006 by WyrdeOne]

[edit on 22-5-2006 by WyrdeOne]

I'll keep an eye on the mail, if I get a letter I'll post it.

another report states that the whole box of discs
only had info about veterans after 1976...

i know its no consolation, but at least some
veterans info has not been compromised (by whomever)

just yesterday the house slashed 500Mil$ from the
Veteran budget bill...
and now the VA has a possible sizable post office
letter mailing expense, estimate ~10Mil$ plus ++
.............things tend to balance out eventually..........

JIMC
That'd be great.

I wonder what tone it will take...

"Sorry, we screwed up..."

or

"Your data has been lost, be on the lookout for fraud in your name..."

I realize that accidents happen, but this was no accident. One way or another...

lovely...well I am not worried...while I am a veteran, the last time someone tried to steal my ID they ended up begging me to take it back.

Originally posted by grover
lovely...well I am not worried...while I am a veteran, the last time someone tried to steal my ID they ended up begging me to take it back.

I was not stealing your ID, I only wanted to see what you looked like on the picture. I still feel the broken rib pain to this day. *sheesh*

hey I don't look THAT bad.

I'm figuring that the list is vets since 1976 and there id over 26 million of them, odds are pretty good that my info is in there somewhere. Personally I hope I get ripped off. Then I can sue the crap out of the VA.

The situation just got a whole lot worse, I think.

Link

A day after the government announced the loss of sensitive personal information on more than 26 million U.S. veterans, questions remain about how truly deep the problem is. That's because officials admit that data from some veterans' family members was lost, too. Veterans are asked to provide the Social Security numbers of their spouses and children.

A long-time Veterans Affairs analyst told Montgomery County, Md., police someone pried open a window, broke into his home during daylight hours and stole a computer, an external drive, and a bag containing computer files.

The material included the veterans' Social Security numbers, birthdates and in some cases a disability rating — a score of between 1 to 100 on how disabled a veteran is. The agency declined to say whether additional information regarding the nature of the disability was disclosed.

The potential hazard here is pretty great I think. The excuse of government incompetence can only be used so many times in defense, before it becomes a conviction in and of itself.

Actually it sounds like a setup to me...what the hell was this analyst doing downloading and taking home so many files is what i want to know, and how convinent it was for the theives...ya catch my drift?

Well, now the VA is under fire for waiting so long to report the theft.

Link

"This is a scandal," said Senate Democratic leader Harry Reid (D-Nev.). "The information was kept from the American public. I would hope that the administration is figuring out a way to find out what happened."

In a briefing Monday, Nicholson said the agency was seeking to act promptly to inform veterans by notifying Congress and setting up a call center and Web site. Meanwhile, in a briefing paper to Congress, acting VA Inspector General Jon Wooditch said he was reviewing the theft from a VA data analyst's Maryland home, noting that his office had long cautioned that access controls were weak.

Since 2001, the inspector general has reported security vulnerabilities related to the operating system, passwords, a lack of strong detection alerts and a need for better access controls, he wrote.

I guess none of this would be so bad, except it seems to me that the government is expert at deflecting blame and not paying for its mistakes. They don't want to compensate people, they want to avoid that horrible fate at all costs. :shk:

SSNs are considered classified data. Why on earth was an employee taking classified data home . This is probably worse than what we know. The employee should have to face some criminal punishment.

The good news keeps on comin', it surely does.

www.msnbc.msn.com...

Personal data on up to 50,000 active Navy and National Guard personnel were among those stolen from a Veterans Affairs employee last month, the government said Saturday in a disclosure that goes beyond what VA initially reported.

VA Secretary Jim Nicholson said in a statement that his agency discovered after an internal investigation that the names, Social Security numbers and dates of birth of up to 20,000 National Guard and Reserve personnel who were on at least their second active-duty call-up were “potentially included.”

In addition, the same information on up to 30,000 active-duty Navy personnel who completed their first enlistment term prior to 1991 also were believed to stored on the computer laptop and disks stolen from a VA data analyst at his Aspen Hill, Md., home on May 3.

The article speaks for itself. In addition to the information disclosed by the above article, I was reading somewhere earlier in the week that more information was lost than originally reported. In addition to name, SS#, and DoB, and disability rating, also included in some cases was information pertaining to current address and phone number.

:shk:

When it comes to information, completeness equates to value. Incomplete information sells for a fraction of what a complete profile commands. An individual's identity, the full package, can be worth a hundred dollars or more on the secondary market. Multiply that by 26 million and change...

The VA administration should be ashamed - they've really made a mess of things. Nobody in the organization, no matter how senior, no matter how trusted, should have unfettered access to billions of dollars worth of information.

I really get mad when I think about some jerk having my personal information at his home. I don't care who he was or what he was researching that information should never have left a federal facility. If my information somehow gets used by thieves then I'm going to want more than an apology.

A coalition of veterans groups is bringing suit againts the VA, demanding compensation to the tune of $1k each (over 26 billion dollars) in addition to more oversight.

www.washingtontimes.com...

The class-action lawsuit against the federal government, filed in U.S. District Court in Washington, is the second suit since the VA disclosed the May 3 burglary two weeks ago.

It demands that the VA fully disclose which military personnel are affected by the data theft and seeks $1,000 in damages to each person - up to $26.5 billion total. The veterans are also asking for a court order barring VA employees from using sensitive data until independent experts determine proper safeguards.

That's some serious scratch. Where are the feds going to get 26 billion dollars? I think I can guess...

A somewhat related story I ran across while browsing the news this fine misty morning...

www.denverpost.com...

Files containing personal information on 287 employees, patients and former patients at a state mental hospital have been stolen - creating the risk of identity theft.

The paper files were in a briefcase taken April 21 from a hospital employee's car while it was parked at Bear Creek Park in southwest Denver.

The employee of the Colorado Mental Health Institute at Fort Logan had taken the files home to work on, said Liz McDonough, spokeswoman for the state human services department.

There are numerous incidents like this, where data loss occurs as a result of employees taking sensitive information out of the controlled environment of the office. It's just a flat-out bad idea to put patients/veterans/whoever at risk like this.

Leave the sensitive information where it belongs, please. :shk: