The Department of Veterans Affairs (VA) has recently learned that an employee, a data analyst, took home electronic data from the VA, which he was not authorized to do. This behavior was in violation of VA policies. This data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings. Importantly, the affected data did not include any of VA's electronic health records nor any financial information. The employee's home was burglarized and this data was stolen. The employee has been placed on administrative leave pending the outcome of an investigation.The Washington Post has more on the theft.
This is the "biggest unauthorized disclosure ever of Social Security data," and "affected veterans include anyone discharged after 1975 and some of their spouses, as well as some veterans discharged before then who submitted a claim for VA benefits." And in a now all-too familiar theme, concerns about the VA's "significant information security vulnerabilities" were raised last year by acting Inspector General Jon A. Wooditch, but, evidently, nothing—or not enough—was done.
(Crossposted at AlterNet PEEK.)
Shakesville is run as a safe space. First-time commenters: Please read Shakesville's Commenting Policy and Feminism 101 Section before commenting. We also do lots of in-thread moderation, so we ask that everyone read the entirety of any thread before commenting, to ensure compliance with any in-thread moderation. Thank you.
blog comments powered by Disqus