Posted on 06/15/2006 8:46:31 AM PDT by Centurion2000
Veterans Seek Billions in Data Breach Suit
By Roy Mark
June 6, 2006
WASHINGTON - Angry veterans aren't waiting for Congress to take action over the recent Veterans Administration loss of 26.5 million personal records of veterans.
Tuesday afternoon, a coalition of veterans groups filed a class action lawsuit demanding the VA name those who are at risk for identity theft. The suit seeks $1,000 in damages for each person, a payout that could reach $26.5 billion.
According to the lawsuit, the VA's loss of the records violated both the U.S. Privacy Act and the Administrative Procedure Acts.
"It is appalling to all veterans that their personal information -- information that is supposed to be held in confidence -- is potentially in the hands of individuals who can wreak identity-theft havoc," John Rowan, the national president of Vietnam Veterans of America and a plaintiff in the lawsuit, said in a statement.
Other veteran groups backing the lawsuit include the National Gulf War Resource Center, Radiated Veterans of America, Citizen Soldier and Veterans for Peace.
The lawsuit also seeks a court order to prevent the VA from any further use of veterans' data until a court-appointed panel of security experts determines appropriate safeguards to prevent future data breaches.
"This lawsuit seeks to insure that no harm will come to veterans as a result of this theft, and that such an incident can never occur again," Rowan said.
In late May, the VA disclosed it had suffered the second largest known data breach in U.S. history and the largest Social Security numbers breach ever.
The breach occurred when a VA employee violated agency policy and took a laptop with the records on it home, where it was stolen in a burglary.
"The VA has been criticized for years about lax information security and that includes criticism from the VA's own Inspector General. The VA still hasn't properly secured all the personal information under its control," Rowan said.
He added: "We hope this lawsuit will help Secretary [Jim] Nicholson correct the known vulnerabilities in how the VA protects private information."
The breach sparked new interest in Congress to pass data protection and disclosure laws.
While more than 10 bills were introduced in the aftermath of the ChoicePoint data breach 17 months ago, neither the U.S. House or Senate has been able to actually pass a measure.
The legislation has bogged down over issues of just exactly what is the trigger to publicly disclose a data breach. Should it be a "reasonable" or "substantial" threat to result in identity theft?
"The problem is how to define if data is at risk. If the thief can't access the data, is there a breach?" Joseph Ansanelli, president and CEO of security firm Vontu, told internetnews.com.
Ansanelli, as he has three times in congressional testimony over the last several years, again called for Congress to pass legislation as soon as possible.
"It needs to be technologically agnostic and require [businesses holding personal consumer data] to have a security program and pro-actively enforce those policies," he said. "And, of course, there should be a disclosure requirement.
Ansanelli said he supports legislation that would pre-empt any existing state laws to create a single national consumer data security standard.
The answer, he suggested, could be surprisingly simple: "Extend any existing industry specific consumer data protection requirements to cover any organization which stores private consumer data."
Financial institutions, for instance, are already under data protection obligations through the Graham Leach Bliley Act and health care providers face similar requirements under the Health Insurance Portability and Accountability Act (HIPPA).
Those standards, Ansanelli said, could be extended to cover data brokers and other holders of personal data.
"Whoever has this data should be covered, including government agencies."
Lawyers benefit from this and bottom line the taxpayers foot the bill of this lawsit. NO!!
However, should any veteran be ripped off by this debacle, I can see the fed paying full compensation for any loss.
The concept sounds good, but by the time the lawyers are done, each vet will get about 37 cents from his $1000 share.
Please bump to your list. FYI bump
Lawyers benefit from this and bottom line the taxpayers foot the bill of this lawsit. NO!!
You are correct. Another deep-pockets-of-the-taxpayer lotto win for lawyers ($12 billion, minimum, for the lawyers, $1000 each for each Veteran).
I'm not in favor of a blanket payment. However, the gov't should insure veterans against any and all monetary losses and/or expenditures that are caused by this fiasco.
JMO as a taxpayer.
That's almost an entire annual VA healthcare budget..I don't think anyone should get anything unless they have been harmed.
The dude who took home the protected data needs to face accountability.
That's part of the lawsuit. People need to know everything that happened, what got stolen etc .... so far the VA is covering is pathetic behind with these disclosure letters.
Read one yet? Bascially they tell you, oops we screwed up, but don't call us if something bad happens and BTW we sent this to you via the IRS.
I, being a vet, am not interested in any gain. I just want to be assured that I will be fully compensated if someone else does use my identity. Without years of red tape.
Like I've said in earlier threads on this topic, I don't want $1000. I want them to fix their damn problems with that money. Then I want them to convince the credit reporting agencies to keep our information "locked up", so to speak and put fraud alerts on all of our SSAN's.
These folks that say they're "representing" me are only looking for a payout.
They don't speak for me.
The only "pay" I want from the VA is the name of the a**hat who took the data home in the first place!
SZ
Yes this reminds me of the Los Alamos lost hard drives. Classified at the highest levels of secrecy yet, all the employees responsible for the data went home on time every evening. If that was a military organization, the place would have been flipped upside down and everyone would stay until the data was found. I don't remember any accountability in that situation either.
Has anyone heard any cases of this data being exploited yet?
Yeah, got my pathetic notice yesterday. I'd though I was out long before the date I saw somewhere as being the earliest affected, but got the letter anyhow. $1000 is not anything if you are a victim of ID theft.
I haven't. Odds are you won't know it has happened until a credit report is run.
Several years ago the Triwest Healthcare (veterans' HMO) office in Phoenix was rifled and this same thing happened. Computers with the personal information of thousands of vets was stolen. Nothing ever came of it, though (knock on wood). At that time a retired officer tried to start a class action lawsuit, but since it couldn't be proven that the records were used for I.D. theft, the lawsuit was dismissed.
A lot of us were sweating it then, and sweating it now. From what I've heard, identity theft is a nightmare that take years to clean up.
Whoever did this should have been heavily fined and fired at the least, but I suppose it'll be a slap on the wrist, eh?
Veteran ping
The VA ought to make sure that nothing worse will come out of this...
That said, my mother worked as a nurse for VA and I've heard the horror stories, especially how medical problems of veterans are handled. It's curious how some of the 'affected' people I heard in the past are clamoring for 'universal healthcare' but don't realize what they'll get is the same type of service they complain about with the VA; simply? it is GOVERNMENT-RUN.
I don't want the $1000. I want the little bastard that lost the files fired, and I want them to take better care of what's left of my eight years service, small as it may be. The bottom-dwelling lawyers involved in this should be forced into the Army for 2 years in IRAQ.....
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.