Another data breach at Veterans Affairs

The U.S. Department of Veterans Affairs is investigating a potential data breach involving the theft of three computers containing personal data on potentially 12,000 individuals. This is not the first data breach to occur at the department, as last year a laptop and hard disk containing personal data on over 26.5 million veterans was stolen.

With this most current breach, two desktop PCs and one laptop containing personal data were stolen from a medical facility in Roudebush, Indiana – ironically enough, on Veterans Day. The records belong to patients who were treated at the hospital and include Social Security numbers and other personally identifiable information.

“It appears from this most recent breach that there are still some in the VA, even some responsible for the security of such data, who don’t realize the importance of the security of the names and data of our veterans,” Congressman Steve Buyer (R-Ind) said in a prepared statement.

According to Buyer, the VA notified his office of the breach on Thursday and are working on ascertaining the names and data of the people who might have been affected by the theft.

Buyer was the chairman of the House Veteran Affairs Committee last year and held 16 hearings on VA information technology with eight of them specifically on IT security. The hearings were designed to identity the issues that led to last year’s theft of a laptop and hard disk containing personal data on over 26.5 million veterans in May last year.

That incident led to a sweeping overhaul of the VA’s IT organization and more direct power being bestowed on the office of the CIO to make needed security changes.

“It is inexcusable that the VA repeatedly fails to comply with its own policy to safeguard veterans’ personal information,” Buyer said, adding that the agency needed to provide full credit monitoring to all those affected in the latest breach.

The Roudebush theft is the latest in a string of similar incident that have occurred at VA before and after the massive data breach in May 2006.

On January 22, 2007, an IT specialist at a VA medical center in Birmingham, Alabama, reported as missing (PDF format) hard disk containing personal data on over 250,000 veterans and an additional 1.3 million medical providers.

In August of last year, at the height of uproar over the May breach, the VA disclosed that Unisys, a subcontractor hired to assist in insurance collections for VA medical centers in Pittsburgh reported a missing computer containing personal data on over 16,000 veterans.

During a Buyer hearing into the May 2006 breach, VA officials disclosed several other prior security incidents that had happened at the department, including the loss of a back-up tape containing legal and case related information on 16,500 veterans from Indianapolis. Also disclosed during the hearing was another breach, this one involving the loss of SSNs and other personal data on 66 veterans; their data was compromised when a VA auditor put the papers with the data in the trunk of a rental car that was later stolen.

Related content:

U.S. data breach notification law unlikely this year

PC with sensitive data missing from subcontractor

FTC laptops stolen along with personal data

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now