- The Washington Times - Tuesday, May 23, 2006

Mishandling of Social Security information by a single government data analyst has put as many as 26.5 million veterans in danger of identity theft — the largest breach of Social Security data in history. But the story of how it happened is depressingly familiar: An employee thinks he or she is above the rules, brings unauthorized data home, loses it and imperils millions of people.

As Department of Veterans Affairs Secretary Jim Nicholson said on Monday, a career employee’s Aspen Hill home was burglarized, apparently randomly, on May 3. Had the employee followed the normal data-handling rules, this would not have affected anyone except the unlucky homeowner. But large tranches of Social Security data were wrongly stored on the employee’s laptop and external hard drive — which were stolen.

It’s not clear whether the burglar knows that he or she is now in possession of the crown jewels of veterans’ financial well-being. But it’s only a matter of time before this malefactor or some other third party figures out what happened — if he hasn’t already — in which case the financial histories and credit records of millions of people, many of them just now entering retirement, will be open for exploitation.

In some respects this is an old story replayed from the 1990s. The most egregious analogue is Clinton CIA director John Deutsch’s wanton carelessness with his agency’s most sensitive information. In the mid-1990s as CIA chief, Mr. Deutsch would download highly classified CIA information onto his unsecured home computer because he couldn’t be bothered with following the rules. When the agency’s security handlers discovered this, it rightly ruined his credibility as an intelligence professional. Since we can only presume that foreign intelligence agents were monitoring the open activities of America’s top spy as closely as possible, this meant that some, perhaps most or all of the business he took home ended up in the wrong hands.

Reckless information-handling plagued the Department of Energy in the 1990s. Analysts and scientists tossed diskettes with the nation’s most sensitive nuclear secrets into the trash. Laptop disappearances were endemic. People tend to remember the lengthy and politicized trial of nuclear scientist Wen Ho Lee, who was acquitted of the most serious charges. But that case was only one of several.

The VA episode should be a serious wake-up call to lawmakers and government data managers. All veterans discharged since 1975 and their spouses are at risk, as are some pre-1975 benefits claimants. The chairmen of both the House and Senate veterans affairs committees have vowed to investigate. The VA has set up a call center, the cost of which is reportedly $11 million. At a time like this lawmakers must ask what can be done to head off future massive breaches.

There’s also a lesson for government employees here: No one is above security protocol. Follow the rules.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide