- The Washington Times - Thursday, June 8, 2006


Stolen personal data for 26.5 million veterans and military personnel may have been erased by teenagers who sold the computer equipment, Veterans Affairs Secretary Jim Nicholson said yesterday.

In testimony to Congress, Mr. Nicholson accepted responsibility for the May 3 burglary at a VA data analyst’s home. He said the agency remains vulnerable to other security lapses and that changes won’t happen overnight.

“This has been a painful lesson for us at VA, and I am committed to assuring that we have the people, adequately trained, policies and procedures in place to assure that this could not happen again,” Mr. Nicholson told the House Government Reform Committee.

He explained that the burglary occurred in an Aspen Hill neighborhood that had experienced a pattern of burglaries by youths who took computer equipment, wiped them clean of the data and then sold them on college campuses or high schools.

“We remain hopeful this was a common random theft and that no use will be made of this data,” Mr. Nicholson said. “However, certainly we cannot count on that.”

Lawmakers were skeptical. They noted that the committee and the Government Accountability Office, Congress’ investigative arm, had warned the VA for years that security was lax.

“Secretary Nicholson, you blame this on an employee who was fired, on a culture, on people doing what they’re not supposed to be doing,” said Rep. Henry A. Waxman of California, the panel’s top Democrat. “That doesn’t sound like we’re getting to the heart of this with passing the buck.”

Added Rep. Christopher Shays, Connecticut Republican: “It is beyond stupid to take out sensitive documents.”

Congress is trying to determine whether the VA took proper steps to guard against the unauthorized disclosure of personal information. The VA has said the data analyst — who has been fired — violated procedures by taking home for three years the names, Social Security numbers and birth dates without permission.

Earlier this week, Mr. Nicholson acknowledged that the stolen data — which was stored on the employee’s personal laptop — included personal information on about 2.2 million active-duty military, Guard and reserve personnel. The agency originally said the number was 50,000.

During the hearings, Mr. Nicholson pledged new initiatives to protect private information, saying he ordered that no personal laptop would be allowed to access the VA network. About 35,000 VA employees have that clearance, although not all have access to veterans’ personal information.

Rep. Steven C. LaTourette, Ohio Republican, pressed Mr. Nicholson on whether the VA had received any reports that the stolen data had been used for identity theft. Mr. LaTourette said one Gulf War veteran, Steven Michel of Ashtabula, Ohio, had reported he might be a victim after discovering he had not received his monthly VA disability check.

Mr. Nicholson said local and federal law enforcement have not notified the VA of any identity thefts stemming from the data breach, one of the nation’s largest.

Veterans who suspect identity theft can go to www.firstgov.gov or call 800/FED-INFO.

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide