thedrifter
05-30-06, 02:07 PM
June 05, 2006
‘Breach of trust’
Loss of vets’ personal info spurs concerns about VA, identity theft
By Gordon Lubold
Times staff writer
More than 100,000 veterans have contacted a special call center at the Department of Veterans Affairs seeking more information about their financial futures in the wake of a massive theft of personal data.
The call center’s lights have been blinking steadily since the VA announced May 22 that it had lost personal data on 26.5 million veterans, including names, Social Security numbers and dates of birth.
The announcement came almost three weeks after a VA employee took the data home on a computer to work on it and then lost the computer in what appeared to be a burglary.
The employee, who lives outside Washington, has been placed on administrative leave pending a broader investigation.
VA officials said the employee was a career data analyst who was not authorized to bring the data home.
There is no indication the lost information has been used illegally, but officials urge all veterans to check their financial records and be on the alert for suspicious activity. As a result, thousands have called the VA’s call center and logged onto a Web site for more information.
While many veterans are reeling from the possibility that their personal information could be sold and their identities stolen, VA Secretary James Nicholson is on the hot seat as lawmakers are hitting him with tough questions about how his department could have allowed this to happen.
Some Democrats are calling for his head. And even Republicans showed Nicholson, a former chairman of the Republican National Committee, little mercy, pointing to the VA’s legendary bureaucratic culture and its slowness to adapt to changing times.
Sen. Susan Collins, R-Maine, read a long statement in which she highlighted the VA’s failure to heed its own internal audits, which found a lack of adequate oversight on information security.
“This ongoing failure during a time when identity theft has been such a high-profile problem is simply appalling,” Collins said as Nicholson sat grimly at a joint hearing of two Senate committees May 25.
“It simply appears that the VA did not handle this matter with the clear sense of urgency that it required,” she said.
Collins also wanted to know why the VA did not notify anyone of the burglary until three weeks afterward.
Nicholson himself said he was “outraged” that officials within his own agency failed to bring the information to him until two weeks after the robbery. Even then, he said, he had to overrule other officials who thought releasing the information could jeopardize the robbery investigation.
The list of 26.5 million veterans includes any who left the service since 1975, up to and including those veterans who filed DD-214 release forms with the VA recently. The list may include some deceased veterans, Nicholson said.
Not surprisingly, veterans groups are angry.
“The government must accept responsibility for any consequences of this inexcusable breach of trust with America’s veteran community,” James Mueller, commander of the Veterans of Foreign Wars, wrote in an open letter to Nicholson. “Clearly, the VA has put virtually every veteran at risk.”
While the VA has stated there is no indication any veterans’ identities have actually been stolen, the department is urging them to monitor their financial records closely for suspicious information. That means credit checks — which the VA has not yet offered to subsidize, veterans’ groups note.
The VA’s own inspector general warned something like this could happen as recently as last fall.
“In recent years, VA has not made adequate progress” in enhancing its information security, Jon Wooditch, acting VA inspector general, wrote in a report dated Nov. 15.
VA and the FBI announced May 25 that a $50,000 reward is being offered for information that leads to the recovery of the laptop and external hard drive with the veterans’ personal information.
Anyone with information should call (866) 411-TIPS (8477).
Where to turn for advice
The Department of Veterans Affairs has advice for veterans who are concerned about the security of their personal information:
Q I’m a veteran. How can I tell whether my information was stolen?
A At this point, there is no evidence that any missing data have been used illegally. However, VA is asking all veterans to be extra vigilant and to carefully monitor bank statements, credit card statements and any statements relating to recent financial transactions. If you notice unusual or suspicious activity, report it immediately to the financial institution involved and contact the Federal Trade Commission for further guidance.
Q What is the earliest date at which suspicious activity might have occurred because of this breach?
A The information was stolen from a VA employee in May. If the data have been used to commit fraud or identity theft crimes or otherwise misused, it is likely that veterans may notice suspicious activity during May.
Q I have not noticed suspicious activity in my financial statements, but what can I do to protect myself and prevent credit card fraud or identity theft?
A VA recommends that veterans closely monitor their financial statements and visit VA’s special Web site at www.firstgov.gov or call (800) FED-INFO (333-4636). VA does not believe it is necessary to contact financial institutions or cancel credit cards and bank accounts unless you detect suspicious activity.
Q If I notice suspicious or unusual activity, where should I report it?
A The Federal Trade Commission recommends the following four steps if you detect suspicious activity:
1. Contact the fraud department of one of the three major nationwide credit bureaus.
• Equifax: (800) 525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241.
• Experian: (888) EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, Texas 75013.
• TransUnion: (800) 680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790.
2. Close any accounts that have been tampered with or opened fraudulently.
3. File a police report with your local police or the police in the community where the identity theft took place.
4. File a complaint with the FTC’s Identity Theft Hotline by phone at (877) 438-4338, online at www.consumer.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Ave. NW, Washington, DC 20580.
Ellie
‘Breach of trust’
Loss of vets’ personal info spurs concerns about VA, identity theft
By Gordon Lubold
Times staff writer
More than 100,000 veterans have contacted a special call center at the Department of Veterans Affairs seeking more information about their financial futures in the wake of a massive theft of personal data.
The call center’s lights have been blinking steadily since the VA announced May 22 that it had lost personal data on 26.5 million veterans, including names, Social Security numbers and dates of birth.
The announcement came almost three weeks after a VA employee took the data home on a computer to work on it and then lost the computer in what appeared to be a burglary.
The employee, who lives outside Washington, has been placed on administrative leave pending a broader investigation.
VA officials said the employee was a career data analyst who was not authorized to bring the data home.
There is no indication the lost information has been used illegally, but officials urge all veterans to check their financial records and be on the alert for suspicious activity. As a result, thousands have called the VA’s call center and logged onto a Web site for more information.
While many veterans are reeling from the possibility that their personal information could be sold and their identities stolen, VA Secretary James Nicholson is on the hot seat as lawmakers are hitting him with tough questions about how his department could have allowed this to happen.
Some Democrats are calling for his head. And even Republicans showed Nicholson, a former chairman of the Republican National Committee, little mercy, pointing to the VA’s legendary bureaucratic culture and its slowness to adapt to changing times.
Sen. Susan Collins, R-Maine, read a long statement in which she highlighted the VA’s failure to heed its own internal audits, which found a lack of adequate oversight on information security.
“This ongoing failure during a time when identity theft has been such a high-profile problem is simply appalling,” Collins said as Nicholson sat grimly at a joint hearing of two Senate committees May 25.
“It simply appears that the VA did not handle this matter with the clear sense of urgency that it required,” she said.
Collins also wanted to know why the VA did not notify anyone of the burglary until three weeks afterward.
Nicholson himself said he was “outraged” that officials within his own agency failed to bring the information to him until two weeks after the robbery. Even then, he said, he had to overrule other officials who thought releasing the information could jeopardize the robbery investigation.
The list of 26.5 million veterans includes any who left the service since 1975, up to and including those veterans who filed DD-214 release forms with the VA recently. The list may include some deceased veterans, Nicholson said.
Not surprisingly, veterans groups are angry.
“The government must accept responsibility for any consequences of this inexcusable breach of trust with America’s veteran community,” James Mueller, commander of the Veterans of Foreign Wars, wrote in an open letter to Nicholson. “Clearly, the VA has put virtually every veteran at risk.”
While the VA has stated there is no indication any veterans’ identities have actually been stolen, the department is urging them to monitor their financial records closely for suspicious information. That means credit checks — which the VA has not yet offered to subsidize, veterans’ groups note.
The VA’s own inspector general warned something like this could happen as recently as last fall.
“In recent years, VA has not made adequate progress” in enhancing its information security, Jon Wooditch, acting VA inspector general, wrote in a report dated Nov. 15.
VA and the FBI announced May 25 that a $50,000 reward is being offered for information that leads to the recovery of the laptop and external hard drive with the veterans’ personal information.
Anyone with information should call (866) 411-TIPS (8477).
Where to turn for advice
The Department of Veterans Affairs has advice for veterans who are concerned about the security of their personal information:
Q I’m a veteran. How can I tell whether my information was stolen?
A At this point, there is no evidence that any missing data have been used illegally. However, VA is asking all veterans to be extra vigilant and to carefully monitor bank statements, credit card statements and any statements relating to recent financial transactions. If you notice unusual or suspicious activity, report it immediately to the financial institution involved and contact the Federal Trade Commission for further guidance.
Q What is the earliest date at which suspicious activity might have occurred because of this breach?
A The information was stolen from a VA employee in May. If the data have been used to commit fraud or identity theft crimes or otherwise misused, it is likely that veterans may notice suspicious activity during May.
Q I have not noticed suspicious activity in my financial statements, but what can I do to protect myself and prevent credit card fraud or identity theft?
A VA recommends that veterans closely monitor their financial statements and visit VA’s special Web site at www.firstgov.gov or call (800) FED-INFO (333-4636). VA does not believe it is necessary to contact financial institutions or cancel credit cards and bank accounts unless you detect suspicious activity.
Q If I notice suspicious or unusual activity, where should I report it?
A The Federal Trade Commission recommends the following four steps if you detect suspicious activity:
1. Contact the fraud department of one of the three major nationwide credit bureaus.
• Equifax: (800) 525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241.
• Experian: (888) EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, Texas 75013.
• TransUnion: (800) 680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790.
2. Close any accounts that have been tampered with or opened fraudulently.
3. File a police report with your local police or the police in the community where the identity theft took place.
4. File a complaint with the FTC’s Identity Theft Hotline by phone at (877) 438-4338, online at www.consumer.gov/idtheft, or by mail at Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Ave. NW, Washington, DC 20580.
Ellie