Posted on 06/09/2006 8:13:26 AM PDT by driftdiver
Stolen personal data for 26.5 million veterans and military personnel may have been erased by teenagers who sold the computer equipment, Veterans Affairs Secretary Jim Nicholson said Thursday.
He explained that the burglary occurred in an Aspen Hill, Md., neighborhood in which there had been a pattern of thefts by young burglars who took computer equipment, wiped them clean of the data and then sold them on college campus or high schools.
"We remain hopeful this was a common random theft and that no use will be made of this data," Nicholson said. "However, certainly we cannot count on that."
(Excerpt) Read more at news.yahoo.com ...
"how much more work can a person do at home, with data on millions of people,"
Lots, my experience is that taking work home is fairly common in the IT industry. Of course its also common to have some stupid rules about controlling data too. And these rules are something you can easily ignore. They control the levels of access, how laptops are configured and so on.
"And these rules are something you can easily ignore"
Sorry, that should say CAN'T easily ignore
If it was a secure system, then he probably wasn't even allowed to copy or print...I doubt we'll get to know much about it.
"If anyone would think of searching a hard drive for useful info and copying it, it's teenagers..."
The data was most likely in a database and not a flat file like MS Word or Excel. Some teenagers have the technical expertise but not ones that are stealing PCs to sell. The kind with this knowledge would only steal to get a better machine.
"If it was a secure system, then he probably wasn't even allowed to copy or print"
It wasn't or he wouldn't have been allowed to put it on a laptop. Laptops are too easily stolen even IF some bonehead doesn't take it home. Cleaning people, security folks, and other IT people walk off with laptops all the time.
I'm sure this is all just an easily remedied mistake....
Since I served with the Army from 1974 until 1994, I was assuredly in this stolen database.
Has this gotten me worried?
Heck no, and why should it?
"I'm sure this is all just an easily remedied mistake...."
Which part? We might as well assume our personal data is out in the public domain. If its not the VA then its some other boneheaded outfit that doesnt want to spend the money or time to protect our data. More than likely each of us does business with a company that has outsourced something to India. That means your data is not secure on a global basis. There are things you can do to protect yourself but I personally think we should start a class action against the banks and credit reporting companies for making a system so easily abused.
Fixing the problems with the VA arent simple either. I have zero knowledge of the VA inner workings but in any organization these types of changes require significant investment and time to resolve.
I don't want $1000, I want them to use that money to fix their damn problems and tell me the name of the S***bag who had the data in the first place in violation of established procedures.
I agree 100%
Don't want the money,FIX THE PROBLEM!!!
Jack
This is not classified military information, and to imply otherwise, would not be honest. Only names, addresses and Social Security numbers were on this stolen CD database.
What, you think that nobody could ever obtain this information about you, without stealing a CD from the VA?
Some of us live in the real world and understand that personal security is a thing of the past.
We should be asking a more simple question:
What the hell was the VA doing with my Social Security Number in the first place? Are they contributing to my retirement account? And if not, what the hell are they doing with that information?
Or ET's in UFO's have it,
Or Al-Qidea now has it,
or it's been found on a table in the White House...
OR...
Or...
or....
This is NOT 'news' but mere WISHFUL THINKING!!
Why waste our time with GUESSES???
Sorry, but this horse has been outta the barn for decades!
"This is not classified military information, and to imply otherwise, would not be honest. Only names, addresses and Social Security numbers were on this stolen CD database."
Not its not DOD classified but according to federal regulations it is considered "confidential" and private institutions would face heavy fines for a similiar incident.
"Some of us live in the real world and understand that personal security is a thing of the past."
Sure, personal security is challenging but if you choose to totally give up please send me your private information. I need a new car.
Although I'd be one of those getting the money (I got my VA letter yesterday), I think it's stupid. It doesn't fix anything.
Just give each one of us a couple years of free credit monitoring. I'm sure the VA can arrange for a cheap bulk buy from one of the companies that provide that service.
I'm hoping that works to our advantage. Whoever did this was small-time, amateur. Knowing the full resources of the FBI are bearing down on him, a small-time robber might not want to be in possession of something that hot, and may not take the risk of trying to sell the information.
"A total disk wipe may require several passes and repeated operations before making it unreadable."
i'm trying to be realistic about this and posted this story as I thought people would appreciate an update. In previous posts people have theorized that terrorists stole the PC and were planning a massive attack against veterans.
The simplist answer is usually the correct one. Someone stole the laptop for money. They probably didn't realize what they had and couldn't access even if they relized what was on it. If all of that lines up they probably dont know what to do with the data to profit and will end up leaving a trail even the worst liberal prosecutor could follow.
You're correct, just deleting the data doesnt get rid of it. Even a routine disk format won't totally eliminate the data on the drive. Either one of these actions will make it impossible for the average person to retreive though. And once they install a few games and their stolen music collection the data will be overwritten and gone forever, or until the next event like this.
I spent 40 years in IT. The last 25 as a data analyst/enterprise data analyst.
As I understand this story, a VA data analyst had this database/dataset on his/her peronal laptop and it was stolen.
Data analysts don't look at data via a front-end. They write their own queries and unless this laptop were stolen by another data analyst or someone who knew what they were looking for, the data on its hard drive is probably secure.
If anything, all the publicity has informed the thief that he has something of value. That fact makes the data more vulnerable than the original theft.
I fully agree with you. If this theft had been kept quiet, then the potential damage would have been minimal.
Instead, somebody now realizes how important this stolen CD is and may use the information for evil purposes.
What happened AFTER THE THEFT was the actual crime! For that, I will hold the VA fully accountable.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.