Stolen VA data goes far beyond initial reports
By HOPE YEN, Associated Press Writer
Personal information on 26.5 million veterans that was stolen from a
Veterans Affairs employee this month not only included Social Security
numbers and birthdates but in many cases phone numbers and addresses,
internal documents show.
Meanwhile, VA Secretary Jim Nicholson said Wednesday that he had named
a former Arizona prosecutor as a special adviser for information
security, a new three-month post that will pinpoint security problems
at the VA and develop recommendations for improvements.
The three pages of memos by the VA, written by privacy officer Mark
Whitney and distributed to high-level officials shortly after the May
3 burglary, offer new details on the scope of one of the nation's
largest security breaches. The memos were obtained Wednesday by The
Associated Press.
They show that a file containing 6,744 records pertaining to "mustard
gas veterans" -- or those who participated in chemical testing programs
during World War II -- was breached, and that a "short file" with as
many as 10 diagnostic codes indicating a veteran's disability also was
stolen.
At the same time, however, the memos suggest that the data might be
difficult to retrieve by thieves.
"Given the file format used to store the data, the data may not be
easily accessible," stated one memo dated May 5 and distributed
internally May 8.
On Wednesday, the VA did not say why it didn't immediately reveal that
personal information such as addresses and phone numbers had been
disclosed. But the agency said it aggressively sought to protect
veterans once Nicholson was informed.
"VA's initial and primary efforts have focused on notifying the
millions of veterans and some spouses whose most sensitive and
identifiable information -- their names, Social Security numbers,
dates of birth, and some disability ratings -- may have been
compromised," spokesman Matt Burns said.
Some lawmakers said Wednesday they were troubled by the new
revelations, which go further than what the VA initially reported
after publicizing the theft on May 22. At the time, Nicholson said the
data was limited to names, Social Security numbers and birthdates; he
later indicated that diagnostic codes in some cases also may have been
breached.
"It is not appropriate for this information to ever enter the public
domain," said Rep. Bob Filner, D-Calif., the top Democrat on the House
Veterans' Affairs Committee, which is planning to hold several
additional hearings on data security and veterans' benefits later this
summer.
Veterans groups have criticized the VA for a three-week delay in
publicizing the burglary after the theft at a VA data analyst's
Maryland home. During hearings last week, Nicholson said he was "mad
as hell" that employees did not notify him of the May 3 burglary until
May 16.
Joe Davis, a spokesman for Veterans of Foreign Wars, said the VA needs
to come clean about who exactly is at risk.
"What's so upsetting and frustrating is the lack of specific details
coming from the VA," he said. "We have millions of veterans looking to
the VA for answers, including older veterans who may not have Internet
access or fully comprehend what this means to them, and younger
veterans who will now have to carry this dark cloud with them for the
rest of their lives."
Separately, Nicholson said in a statement that he had appointed former
Maricopa County Attorney Richard Romley as his new adviser for
information security. Nicholson cited a need for dramatic security
changes in the wake of the burglary.
"Rick Romley is a well-respected attorney and veteran who will provide
a critical outsider's perspective to VA," Nicholson said. "Rick shares
my commitment to cutting through bureaucracy to provide results for
our nation's veterans."
Romley, a Vietnam War veteran, prosecuted one of the largest public
corruption cases in Arizona in the early 1990s and was seen as a
potential GOP contender in that state's 2006 governor's race.
On Tuesday, VA deputy assistant secretary Michael McLendon said he was
stepping down because of the theft, and the VA announced it would
dismiss the data analyst, who had reported to McLendon. The department
also placed Dennis Duffy, the acting head of the division in which the
data analyst worked, on administrative leave.
On the Net:
Info for veterans suspecting identity theft: http://www.firstgov.gov or
1-800-FED-INFO
Copyright 2006 The Associated Press.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html
For more news and headlines from Associated Press please go to:
http://telecom-digest.org/td-extra/AP.html
Hope Yen (ap@telecom-digest.org)