Stolen VA laptop found

By Bill Brenner, Senior News Writer 29 Jun 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

A stolen laptop computer housing the personal data of 26.5 million veterans and about 2.2 million active duty personnel has been recovered, nearly two months after it was stolen from the home of an employee from the U.S. Department of Veterans' Affairs (VA).

VA Secretary Jim Nicholson announced the find to reporters Thursday morning, before the start of another hearing of the House Veterans' Affairs Committee.

"There is reason to be optimistic," The Associated Press quoted him as saying. "It's a very positive note in this very tragic incident." He added the VA has received no reports of identity fraud since the May 3 burglary of the VA employee's home. The employee has since been fired.

While the laptop's recovery is a positive development, security professionals say the danger to veterans and active duty personnel is not over. Investigators will spend the next three to five weeks examining the laptop for evidence the data has been copied or exploited in any way.

"Finding the laptop will make people feel warm and fuzzy, but we still don't know the status of the data at this point," said Frank Kenisky, an information technical security specialist who works for the federal government. "How do we know the data hasn't been copied and sold?"

As a veteran, Mike Spinney said he takes no comfort in the laptop's recovery.

"The laptop's recovery really means nothing," said Spinney, principal of SixWeight, a strategic communications analysis and consulting firm based in Townsend, Mass. "The fact is, it's been almost two months where the data has been unaccounted for. In the digital age, it's very easy to copy data and do what you want with it. As a veteran, I still have concerns about that data being used for nefarious purposes."

The U.S. Department of Veterans Affairs confirmed in late May that records for every veteran discharged from the military since 1975 were stolen from the home of an agency employee . The VA later revealed the breach also put active duty personnel at risk for identity fraud.

Including the VA security breach, the Privacy Rights Clearinghouse (PRC) estimates that more than 88 million Americans have been put at risk for identity fraud since February 2005.

Tags: Identity Theft and Data Security Breaches,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Identity Theft and Data Security Breaches Chip and PIN adoption serves lesson for U.S. payment industry Group to shed light on secure identity management threats Heartland CIO is critical of First Data's credit card tokenization plan Heartland CIO on end-to-end encryption, credit card tokenization Heartland CIO on PCI, E3 project Visa probes tokens, encryption for PCI card data protection University data breach exposes 163,000 women to identity theft TJX thrives following breach, bucks sour economy Security expert's PCI analysis misguided, says PCI Council GM External attacks start with unintentional mistakes, survey finds

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) CISP-PCI  (SearchFinancialSecurity.com) cookie poisoning  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) extrusion prevention  (SearchSecurity.com) identity theft  (SearchSecurity.com) parameter tampering  (SearchSecurity.com) pretexting  (SearchCIO.com) Rock Phish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary