Posted on 05/22/2006 10:06:13 AM PDT by areafiftyone
May 22, 2006 — Personal data on about 26.5 million U.S. military veterans was stolen from the residence of a Department of Veterans Affairs data analyst who improperly took the material home, Veterans Affairs Secretary Jim Nicholson said Monday.
The data included names, Social Security numbers and dates of birth for the veterans, Nicholson said, but "there is no indication at this time" that the data had been used for identify theft.
Nicholson said the theft of the data took place this month, but declined to identify the employee or the location of the burglary.
Or to people who want to ram airplanes into buildings. Or hijack school buses. Or any other type of terrorist mischeif.
I've done both.
re: '73 fire, the reason I ask is because while there is a lot of info on the destruction of the fire itself, can find little or no data on how it started in the first place. Radical hippies? One would think that a records archive might have a sprinkler system as well. Maybe not.
This is from a recent PC Magazine article I saved:
"At least 48,606,000 identifying records have been stolen since 2005. Some of the bigger heists include:
• 40 million credit card numbers (Cardsystems—stolen from database)
• 3.9 million financial records (CitiFinancial—lost in transit)
• 150,000 individuals’ records (ChoicePoint—sold to a suspected criminal company)
• 310,000 individuals’ records (LexisNexis—stolen from database)
• 1.4 million credit card numbers (DSW Shoe Warehouse—stolen from database)
• 100,000 individuals’ records (UC Berkeley—stolen computer)
• 676,000 individuals’ financial records (Wachovia/Bank of America/Commerce—stolen by employees)
• 1.2 million government worker records (BofA—lost backup tapes)
• 600,000 employee records (Time Warner—lost)
• 270,000 applicant records (USC—stolen from database)
This only represents the records stolen in bulk last year. This does not include any “dumpster diving,” “phishing,” “pharming,” or “pretexting” done on an individual level. Because the victim most often has no clue he or she has become a victim, these crimes often go unreported.
There will be approximately 10,000,000 victims of identity theft this year:
• 27,400 every day
• 1,140 every hour
• 19 every minute
• 1 new victim every 3 seconds"
I am familiar with the top identity theft protection plans available and am selling the best one I found because I fell victim to ID theft myself. ID theft is a HUGE hassle to deal with. If interested in learning about getting protected using this service please click below, otherwise please forgive my posting it here.
http://www.prepaidlegal.com/idt/tedherring
This whole mess is scary to me!
Do you think the thieves could start hacking into the bank accounts of those VA victims?
Maybe all VETS should alert the bank where their checks are Direct Deposited.
Also, if they got medical records, (don't know if that information was included or not), wouldn't that information list who is able-bodied, and who is not able-bodied?
Lord, help the Republic!
Even if this very stupid analyst did NOT take the information home (to use for what purpose?) it was only a matter of time that personal information was bound to leak out of the VA's files.
I say this because, while most banks and others are using encrypted names and passwords for security, the VA has been using birthdates along with social security numbers on all their doctor/patient correspondence and all pharmacy prescription requests. This has to be corrected!
Recently, I told them as much and was told, "That's how we do things!" Hardly, an answer!
Also, to correct personal information theft in the future, all disks or information should be encrypted with a beeper (or tag of some sort) to ring whenever it is being taken out of the building. And/or, for heightened security (log on) a number should be established on a secure program to show how many times that disk or information was used by whatever employee and for what reason.
Now, along with not being able to secure our borders, we are not secure within them....just terrible!
Opening Remarks: ¡§VA Special Call Center. This is {state first name}. How may I help you?¡¨
Potential Questions from the Public Listed below are potential questions you may receive and a response you can provide.
Topic A ¡V WHAT HAPPENED AND HOW DOES THIS AFFECT ME?
A1. What happened?
The Department of Veterans Affairs (VA) has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This behavior was in violation of VA policies. The employee¡¦s home was burglarized and this data was stolen. The data may have contained identifying information for millions of veterans. Authorities believe it is unlikely the perpetrators targeted the items because of any knowledge of the data contents. It is possible that they remain unaware of the information that they possess or of how to make use of it. However, out of an abundance of caution, the VA is taking all possible steps to protect and inform our veterans.
A2. What information was included?
The data lost is primarily limited to an individual¡¦s name, date of birth, and social security number. In some cases, spousal information may have been included. However, this information alone may be useful to identity thieves, and we recommend that all veterans be extra vigilant in monitoring for signs of potential identity theft or misuse of this information. Importantly, the affected data did not include any of VA¡¦s electronic health records or any financial information.
A3. How do I know if information about me was stolen?
At this point, we do not know. An investigation is ongoing. We do not want any veteran to be surprised and are operating under the assumption that some information for all veterans was included. We are informing people of this incident and the possibility that it could involve information about them.
A4. I have never applied for benefits from VA. Do I need to be concerned?
The electronic data stolen included some information on all veterans, including those who have never contacted us. VA receives information from the Department of Defense on all who served. You are encouraged to take steps to protect yourself against identity theft.
A5. I am the spouse, widow, or child of a veteran. Was my information included?
It is unclear whether any spousal or dependents¡¦ information has been compromised. However, if this did occur, it appears it would be a very small number of people.
A6. Will I still get my monthly benefit payment?
Yes. There will be no impact on benefit payments.
Topic B ¡V WHAT SHOULD I DO?
B1. What should I do to protect myself? Do I have to close my bank account or cancel my credit cards?
At this point there is no evidence that any missing data has been used illegally. However, the Department of Veterans Affairs is asking all veterans to be extra vigilant and to carefully monitor bank statements, credit card statements and any statements relating to recent financial transactions, and to immediately report any suspicious or unusual activity. For tips on how to guard against misuse of personal information, visit the Federal Trade Commission website at http://www.ftc.gov/.
You do not have to close your bank account or cancel your credit cards. You should however take steps to protect yourself against identity theft. One way to monitor your financial accounts is to review your credit report. By law you are entitled to one free credit report each year. Request a free credit report from one of the three major credit bureaus ¡V Equifax, Experian, TransUnion ¡V at www.AnnualCreditReport.com or by calling 1-877-322-8228.
B2. What is identity theft?
Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes.
B3. I haven¡¦t noticed any suspicious activity in my financial statements, but what can I do to protect myself and prevent being victimized by credit card fraud or identity theft?
The Department of Veterans Affairs strongly recommends that veterans closely monitor their financial statements and visit the Department of Veterans Affairs special website on this, www.firstgov.gov or call 1-800-FED-INFO (1-800-333-4636).
B4. Should I reach out to my financial institutions or will the Department of Veterans Affairs do this for me?
The Department of Veterans Affairs does not believe that it is necessary to contact financial institutions or cancel credit cards and bank accounts, unless you detect suspicious activity.
B5. What is the earliest date at which suspicious activity might have occurred due to this data breach?
The information was stolen from an employee of the Department of Veterans Affairs during the month of May 2006. If the data has been misused or otherwise used to commit fraud or identity theft crimes, it is likely that veterans may notice suspicious activity during the month of May.
B6. What should I do if I detect a problem with any of my accounts?
The Federal Trade Commission recommends the following four steps if you detect suspicious activity:
Step 1 ¡V Contact the fraud department of one of the three major credit bureaus:
Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, Texas 75013
TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
Step 2 ¡V Close any accounts that have been tampered with or opened fraudulently.
Step 3 ¡VFile a police report with your local police or the police in the community where the identity theft took place.
Step 4 ¡VFile a complaint with the Federal Trade Commission by using the FTC¡¦s Identity Theft Hotline by telephone: 1-877-438-4338, online at www.consumer.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington DC 20580.
B7. Where can I get more information?
The Department of Veterans Affairs has set up a special website and a toll-free telephone number for veterans which features up-to-date news and information. Please visit www.firstgov.gov or call 1-800-FED-INFO (333-4636).
Topic C ¡V WHAT IS VA DOING ABOUT THE SITUATION?
C1. What is VA doing about this?
The Department of Veterans Affairs is working with the President¡¦s Identity Theft Task Force, the Department of Justice and the Federal Trade Commission to investigate this data breach and to develop safeguards against similar incidents. Task Force members have already taken actions to protect the affected veterans, including working with the credit bureaus to help ensure that veterans receive the free credit report they are entitled to under the law.
Appropriate law enforcement agencies, including the Federal Bureau of Investigation and the Inspector General of the Department of Veterans Affairs, have launched full-scale investigations into this matter.
C2. How is information being shared?
We are providing as much information as we have about the incident and alerting veterans of the situation. We are in the process of identifying who may have been affected so we can provide them more information, where possible.
Veterans can go to www.FirstGov.gov to get information on this matter.
(Information for VA Regional Office employees) VA has set up a manned call center that veterans may call to get information about this situation and learn more about consumer identity protections. Concerned veterans may call 1-800-FED INFO (333-4636). The call center will be open beginning today, and will operate from 8 am (EDT) to 9 pm (EDT), Monday-Saturday as long as it is needed. The call center will be able to handle up to 20,000 calls per hour (260,000 calls per day).
C3. Will VA send me a letter?
The VA will send out individual notification letters to veterans to every extent possible. Due to the number of veterans who potentially could have been affected, VA is developing a method for individual notifications, where possible.
C4. What will be done to prevent this from happening in the future?
VA has safeguards in place for use and release of private information. VA provides ongoing privacy training to all employees.
Closing Remarks ¡§Is there anything else I can help you with today?¡¨
If yes, answer any additional questions.
If no,
¡§Thank you for your call. Good-bye¡¨ Let the caller disconnect first.
TELEPHONE AGENT QUESTIONS
What if a caller asks a question about the incident you are unable to answer?
Inform the caller that the investigation is ongoing and that the information you provided is all that is available at this time. If the caller has access to the Internet, advise him or her that updated information will be posted on www.FirstGov.gov and on our website at www.va.gov as VA learns more.
What should I do if I get VA-related questions not regarding this incident?
Disability Benefits: Refer the caller to 1-800-827-1000, if the question is about ć a pending claim ć filing a claim ć a compensation or pension benefit payment Medical Care: Refer the caller to 1-877-222-8387, if the question is about ć treatment for a medical condition ć refilling a prescription Education: Refer the caller to 1-888-442-4551, if the question is about ć education benefits ć VA-approved schools Insurance: Refer the caller to 1-800-669-8477, if the question is about ć insurance payments ć insurance coverage All Other Questions about VA Benefits: Refer the caller to 1-800-827-1000.
What should I do if I get questions from the media?
All media questions¡Xnational and local¡Xshould be directed to VA¡¦s Office of Media relations at 202-273-6000.
Note: If a caller threatens harm to himself or others, please refer the call to the VA representative on site.
I just telephoned my Branch Manager of a major bank and alerted him.
Maybe others should consider doing the same in their communities.
I am sure Hilary still has copies of the 800 to 1,000 FBI files she borrowed.
Now 26,000,000 firearms experts.
These peons could be dangerous to her plans for The Village of The United States of Hilary.
Does Hilary have a alibi?
I don't believe this for one second. How convenient to have one's home "burglarized" the same night you STOLE data from the VA. I'd be curious to know how much the analyst sold the information for.
Exactly!
The klintoons wanted to get the guns, remember?
Looks like a lot of illegal aliens will get a social security number now.
That said on your observation of the possibilities. . .'people who want to ram airplanes into buildings. . .Or hijack school buses. Or any oother tpe of terrorist mischeif'. . .
. . .that whomever did this. . .is probably a 'Leftie' of the first order of Demrat. . .
Worth noting....
http://wireservice.wired.com/wired/story.asp?section=Breaking&storyId=1531765
Co. loses personal data of 1.3M customers
Excerpt:
Thursday, June 01, 2006 7:24 a.m. ET
AUSTIN, Texas (AP) -- Equipment containing the names and social security numbers of about 1.3 million Texas Guaranteed Student Loan Corp. borrowers has disappeared, company officials said.
There was no evidence the information had been misused, but Texas Guarantee said it said it would notify the affected borrowers by mail starting this week.
"It was not a security breach where someone hacked into our system," said Sue McMillin, Texas Guaranteed's president and chief executive.
The piece of equipment, which the company did not identify, was lost May 24. Officials said encrypted electronic files containing the data were sent to Hummingbird Ltd., which helps companies manage large amounts of information. A Hummingbird employee downloaded, decrypted and stored the files on a piece of equipment that was later lost.
http://www.tgslc.org/resources/customerdata.cfm
worth noting
http://www.pcworld.com/news/article/0,aid,125962,00.asp
Hotels.com Customer Data Stolen
Theft of more than 200,000 credit card numbers reported.
Robert McMillan, IDG News Service
Friday, June 02, 2006
(snip)
The laptop was stolen in late February after an Ernst & Young employee left it inside a locked vehicle, according to Hotels.com Senior Compliance Officer Cathy Bump. Ernst & Young notified Hotels.com of the theft on May 3, and after determining which customers were affected by the data breach, the two companies began sending out letters last week notifying approximately 243,000 customers of the theft.
The laptop contained names, addresses, and credit or debit card information, mostly related to Hotels.com transactions that occurred in 2004, although some customers who made purchases in 2003 and 2002 were also affected.
The computer was stolen somewhere in Texas, though Bump would not name the city where the theft occurred. Hotels.com, which is owned by Expedia, is based in Dallas.
Recent Thefts, Relief
The combination of tough data breach notification laws and stolen laptops is keeping compliance officers such as Bump very busy these days. In May, the U.S. Department of Veterans Affairs reported that a stolen laptop and external hard drive were to blame in the loss of sensitive information on 26.5 million U.S. veterans. And Fidelity Investments lost confidential information on nearly 200,000 Hewlett-Packard employees earlier this year under similar circumstances.
(snip)
Since the theft, however, Ernst & Young has encrypted data on all laptops within its U.S. and Canadian operations, Kerrigan said.
Ernst & Young is offering one year's free credit monitoring to all Hotels.com customers affected by the breach.
(snip)
IDs of Active Duty Also Stolen
Associated Press | June 05, 2006
WASHINGTON - Personal data on up to 50,000 active Navy and National Guard personnel were among those stolen from a Veterans Affairs employee last month, the government said Saturday in a disclosure that goes beyond what VA initially reported.
VA Secretary Jim Nicholson said in a statement that his agency discovered after an internal investigation that the names, Social Security numbers and dates of birth of up to 20,000 National Guard and Reserve personnel who were on at least their second active-duty call-up were "potentially included."
In addition, the same information on up to 30,000 active-duty Navy personnel who completed their first enlistment term prior to 1991 also were believed to stored on the computer laptop and disks stolen from a VA data analyst at his Aspen Hill, Md., home on May 3.
The VA has previously said the stolen data involved up to 26.5 million veterans discharged since 1975, as well as some of their spouses; veterans discharged before 1975 also were deemed at risk if they submitted claims to the agency.
"VA continues to conduct a complete and thorough investigation into this incident, and those efforts are providing additional details about the nature of the data that may be involved," Nicholson said.
Veterans groups have criticized the VA for a three-week delay in publicizing the burglary after the May 3 theft.
Last week, internal documents obtained by The Associated Press showed that the stolen data in many cases included phone numbers and addresses of veterans, as well as 6,744 records pertaining to "mustard gas veterans" - or those who participated in chemical testing programs during World War II.
On Saturday, Nicholson said there was no evidence that information for other active-duty personnel had been breached.
He said there have been no reports that the stolen data have been used for identity theft but wanted to alert the public about the VA's findings out of an "abundance of caution" in what has become one of the nation's largest security breaches.
During hearings last month, Nicholson said he was "mad as hell" that employees did not notify him of the burglary until May 16. Since then, the VA has fired the data analyst who lost the data, and his boss, VA deputy assistant secretary Michael McLendon, has stepped down.
The department has also placed Dennis Duffy, the acting head of the division in which the data analyst worked, on administrative leave.
"VA will continue to work with the Department of Defense, other government agencies, members of Congress and other stakeholders to inform and help protect those potentially impacted," Nicholson said.
This is sounding more and more like a major attack or somthing. Four Civ companines now have had the same problem
http://releases.usnewswire.com/GetRelease.asp?id=66965
Coalition of Veterans' Groups Files Federal Class Action Seeking Judicial Oversight & Protection of VA's Files of 26.5 Million Veterans
6/5/2006 6:11:00 PM
To: Assignment Desk, Daybook Editor, Legal Reporter
Contact: Mokie Porter of Vietnam Veterans of America, 301-585-4000, ext. 146
News Advisory:
Coalition of Veterans' Groups Files Federal Class Action Seeking Judicial Oversight & Protection of VA's Files of 26.5 Million Veterans
WHAT:
Press Briefing
WHERE:
5th Floor Conference Room
Ogletree Law Firm
2400 N St., N.W.
Washington, D.C.
WHEN: 10 a.m. Tuesday, June 6, (Press Briefing)
DETAILS:
Five national organizations, Vietnam Veterans of America, Citizen Soldier, National Gulf War Resource Center, Radiated Veterans of America, Veterans for Peace, and several individual veterans, including VVA National President John Rowan, have joined together to file a class action lawsuit today in Federal District Court by their attorney Douglas Rosinski, of the law firm Ogletree, Deakins, Nash, Smoak, & Stewart, P.C.
The veterans' complaint seeks:
A declaratory judgment that the VA's loss of 26.5 million veterans' records violated and continues to violate both the Privacy and Administrative Procedure Acts.
A court order that the VA disclose the exact nature of its compromised records system and to individually inform each veteran of every record it maintains on him or her.
An injunction preventing the VA from altering any data storage system and prohibiting any further use of these data until a court-appointed panel of experts determines how best to implement safeguards to prevent any further breaches.
A judgment awarding $1,000 to each veteran who has been harmed by the VA's violation of the Privacy Act.
Military veterans will be present to describe the harmful effects of this loss of personal data, including Social Security numbers, addresses and phone numbers, and information about health conditions and disabilities.
---
Vietnam Veterans of America (VVA) is the nation's only congressionally chartered veterans service organization dedicated to the needs of Vietnam-era veterans and their families. VVA's founding principle is "Never again will one generation of veterans abandon another."
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.