Veterans Affairs: New Breach, Arrest
Laptop Security Blog Veterans Affairs: New Breach, Arrest
November 29th, 2007
Author: arieannaWho Breached: U.S. Department of Veterans Affairs (VA)
Number Affected: 12,000
Information breached: Social Security Numbers
How: theft of 3 computers (2 desktop, 1 laptop)
The U.S. Department of Veterans Affairs is investigating another potential data breach after 3 computers (two desktop, one laptop) were stolen on November 11 from the Roudebush Veterans Affairs Medical Center. The computers contained Social Security numbers for as many as 12,000 medical patients and were protected only by password.
An Indiana congressman Steve Buyer says that the hospital failed to follow new safety protocols:
“The information that was accessed should have never been portable,” Buyer said in an interview Thursday from Washington. “That information should have been secure on a server in a data storage system in a remote location.”
The VA department has a long history of data breaches, including the May 2006 breach of information for 26.5 million veterans following the theft of a laptop and hard disk. Since this major breach, the VA has had other incidents of scale 1.8 million, 250,000, 16,000 and 16,5000 individuals affected. This is the third data breach related to the theft of computers.
Regulations on data security were reportedly strengthened after the May 2006 breach. Congressman Buyer lays the blame for the ongoing issues with poor security training and consistent security standards:
“I recognize that we’re dealing with human vices — theft — and we’re dealing with human negligence,” Buyer said. “That’s why it’s so important that information be encrypted and that we limit people’s access to certain information.”
This new breach just adds to the very troubling pattern of poor security standards that continue to plague the VA. A stronger security policy (including security software) and training scheme at all levels of the VA could help prevent such accidents from happening.
Arrest for theft of 1.8 million
An arrest has recently been made in relation to the theft of 1.8 million Social Security numbers in January of this year. Tae Kim was arrested after a month long-investigation when he was caught using fraudulent credit cards at a jewelry store. Kim was an auditor for Veterans Affairs from 2003 to February 2007 – his home computer contained 1.8 million Social Security numbers.
Via OC Register, ComputerWorld, Computer Weekly, IndyStar ; Tags: veterans affairs, data breach, data security, laptop security, laptop theft, fraud, identity theft, va
Category: Data Breach, Government Security, Real Theft Reports, Security Breach, Theft News | 
1 Comment »
I am in the process of building a website that offers “a world of services for your business”. It is critical for me to find a nationwide company that can troubleshoot computer systems and assure businesses that their network is as “hackproof” as possible. I understand that little can be done to change the person who has no integrity like Mr. Kim, but I want to offer many valuable links on my website to support my main offerings from PrePaid Legal Services and Identity Theft Protection from Kroll Background America. These services protect both businesses and individuals. In speaking with business about the compliance with Graham Bliley and FACTA, they mention that they are not sure their IT Security is what it should be…Can you advise?
Thanks and Best Regards,