01. July 2006 · FBI Recovers Stolen VA Laptop

Timmer sent me this link, and I’ve just now had time to read the article. Please forgive my late posting on this, but I was on a business trip this week, and that significantly impacts my internet time.

According to the news article, their initial assessment is that the data has not been compromised (they’re thinking it’s not even been accessed). If this is true, it’s good news for millions of former and current military members.

HOWEVER….

The good news that the laptop and hard drive were recovered was tempered by Nicholson reporting two other instances of data theft, this time in the Midwest.

Nicholson reported VA sensitive data losses in Minneapolis and Indianapolis. A backup tape containing 16,538 legal case records went missing May 5 from the regional VA office in Indianapolis, but VA’s department general counsel was not notified until May 23.

The tape contains a daily chronology of the week’s cases that are managed on VA’s case and attorney tracking system called GC Laws, said VA general counsel Tim McClain.

“The tape most likely contained privileged attorney-client information,” he said. A security officer at the regional office reported that the backup tape was missing from the locked office.

In the Minneapolis data breach, a VA employee took a laptop computer home and locked it in the trunk of the car, which then was stolen in 2005. There have been two incidents of data loss from that incident, Nicholson said.

The data on the laptop affected 66 individuals who had sought services in a VA health facility. The financial auditor was performing income reviews of certain patients for means testing to determine payments. A postal inspector brought the identity fraud to the attention of VA, which is providing credit monitoring for the veterans. VA is notifying them and will provide credit monitoring for them.

Another section of the article states that the employee whose laptop was stolen had been taking it home (with supervisor’s permission) for the last three years. That employee called police 52 minutes after the laptop was stolen. VA didn’t say anything publicly until 2 weeks had gone by.

Also, in the case of the missing backup tape, it was reported missing on May 5, but they didn’t tell the general counsel (I’m assuming that’s the legal dept?) until May 23. WHY? Were they hoping it would just magically turn up?

And possibly the most disturbing comment in the article – its last sentence: “VA’s data breach began a string of breaches across agencies, including the Agriculture Department, the Navy, the IRS and, most recently, the National Institutes of Health’s credit union.”

Question for the computer geeks and security geeks – they say it looks like the data has not been accessed. If someone had simply ghosted the hard drive to another hard drive, or (to use an obsolete function), performed an XCOPY, would it indicate that the data had been accessed? Is there some archival flag that gets flipped when such a thing occurs? Or is it likely that what they’re saying is that when they look at properties on the spreadsheet, it shows the last accessed date as before the theft? (and couldn’t that be jiggered by changing the date/time on the PC?)

I would love to believe them, and think that all is hunky dory now, but I’m just not sure I’m ready to do that. The feds, however, are ready to stop thinking about providing credit monitoring for those whose data was stolen.
