Deja vu all over again at Veterans Administration
Another breach for an agency that's prone to them
Computerworld - In what's become a fairly familiar routine for them of late, the U.S. Department of Veterans Affairs is investigating a potential data breach -- the theft of three computers containing personal data on potentially 12,000 individuals.
Two desktop PCs and one laptop containing that data were stolen from a VA medical facility in Indianapolis -- ironically enough, on Veterans Day. The records belong to patients who were treated at the hospital and include Social Security numbers and other personally identifiable information.
"It appears from this most recent breach that there are still some in the VA, even some responsible for the security of such data, who don't realize the importance of the security of the names and data of our veterans," U.S. Rep. Steve Buyer (R-Ind.) said in a prepared statement.
According to Buyer, the VA notified his office of the breach on Thursday and is working to ascertain the names and data of the people who might have been affected by the theft.
Buyer was the chairman of the House Committee on Veterans' Affairs until the Democrats took control of Congress last year. As chairman, he held 16 hearings on IT issues at the VA, eight of which were specifically on security. The hearings were designed to identity the issues that led to the loss of a laptop and hard disk containing personal data on more than 26.5 million veterans in May 2006.
That incident led to a sweeping overhaul of the VA's IT organization and more direct power being bestowed on the office of the CIO to make needed security changes.
"It is inexcusable that the VA repeatedly fails to comply with its own policy to safeguard veterans' personal information," Buyer said in his statement. He added that the agency needs to provide full credit monitoring to all those affected by the latest breach.
The theft at the Richard L. Roudebush VA Medical Center in Indianapolis is the latest in a string of similar incidents that have occurred at the VA before and after the massive data breach brought the agency's security shortcomings to light.
Last January, an IT specialist at a VA medical center in Birmingham, Alabama, reported as missing (download PDF) a hard disk containing personal data on more than 250,000 veterans and an additional 1.3 million medical providers.
In August of last year, at the height of the uproar over the May breach, the VA disclosed that Unisys Corp., a subcontractor hired to assist in insurance collections for VA medical centers in Pittsburgh, had reported a missing computer containing personal data on over 16,000 veterans.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts