VA Hopes Data Thieves Are Stupid

from the one-way-to-protect-data dept

Tue, May 23rd 2006 6:51pm — Mike Masnick

While there's been plenty of talk about how a VA employee brought lots of confidential personal data home with him only to have it all stolen in a burglary, some are noticing that the VA's response has been a bit odd. While they're giving the standard talk about how you should check your credit reports and watch for any suspicious activity, they're also going around and telling people they probably shouldn't worry because the thieves probably have no idea what they stole. Of course, now that they're blasting it all over the internet, perhaps the crooks will be alerted to what they stole. Either way, it seems like a pretty weak response to not protecting the data.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Ima Winna!, 23 May 2006 @ 7:07pm

First Post!!!
[ link to this | view in chronology ]
Digital Angel, 23 May 2006 @ 7:24pm

Screwed Up
I live in VA and theya re a screwed up backwards commenwealth, that drives people to be poor, of course they don't care about their backbone of the local people
[ link to this | view in chronology ]
- um_duh, 23 May 2006 @ 7:31pm
  
  Re: Screwed Up
  so you live in VA huh, obviously the people in VA must be screwed up because you are completely off subject!!!
  [ link to this | view in chronology ]
- Rick, 23 May 2006 @ 7:32pm
  
  Re: Screwed Up
  It's probably due to the incompetant boobs like you who don't realize VA in this instance means Veterans Administration - not Virginia. Try watching the news and get a clue.
  
  As for the VA hoping the thieves are stupid, how do they justify their own stupidity in losing the data in the first place?
  
  Stupid begets stupid - oops, sorry back to talking about Virginia again - lol.
  [ link to this | view in chronology ]
  - umm_duh, 23 May 2006 @ 7:34pm
    
    Re: Re: Screwed Up
    The problem with the VA, like many organizations is the stupidity of people, not the organization or company. Many corporations and organizations have procedures in place, but ultimately it is up to the people to follow them. What would you suggest they do differently?
    [ link to this | view in chronology ]
  - FireMonkey, VA Employee, 24 May 2006 @ 6:17am
    
    Re: Re: Screwed Up
    "It's probably due to the incompetant boobs like you who don't realize VA in this instance means Veterans Administration - not Virginia. Try watching the news and get a clue."
    Errr... It's actually the Department of Veterans Affairs...
    We should remember that most VA employees aren't this careless. The VA certainly isn't the well-oiled machine that many of us would hope, but the employees are generally hard working, good-hearted people that really try to do what's best for the veterans they serve. Let's not let this single jackass ruin it for the whole organization...
    [ link to this | view in chronology ]
  - William C Bonner, 24 May 2006 @ 6:20am
    
    Veterans Administration vs. Virginia
    I read this as the veterans administration, and then the first several posts were trashing the state of virginia.
    
    I'm from the west coast, and trashing a federal governmental organization seems normal, trashing an individual state is less common, at least until it makes it into the mainstream national news.
    [ link to this | view in chronology ]
- Anonymous Coward, 23 May 2006 @ 8:29pm
  
  Re: Screwed Up
  First off, Virginia is a fine place to live, except, perhaps, for their dysfunctional Department of Transportation, and second, this story is about the Veterans Administration.
  [ link to this | view in chronology ]
umm.., 23 May 2006 @ 7:25pm

is the laptop going to be used for wuts on it?

well if the idiot is more than a crackhead lookin to score some bucks selling the laptop for some money, then no..but thats if the person that bought the laptop is an idiot too...im sure itll end up in someones hands thatll know wut to do with it
[ link to this | view in chronology ]
Frink, 23 May 2006 @ 7:40pm

You have to believe that the person in possession of this information now knows the value of it and will auction it off to the highest bidder. Name, date of birth and Social Security numbers will get someone a lot of return from identity theft.

Makes me happy that I was skipped over in the very first draft lottery. My number came up as 332 out of 365. It also makes me very concerned for the millions of Vets at risk. The government will show very little concern and probably be able to do very little to help these victims. There is no excuse for this sort of security security lapse.
[ link to this | view in chronology ]
jason, 23 May 2006 @ 8:04pm

Idiot employee needs to be brought through the ringer for this one.

The va needs to get it together too. I work for a defense contractor that employes 46000 people and every hard drive, laptop or desktop, is encripted. even if there is no FOYO or SBU on it. I realize it is not fool proof but a database of that nature should have some safeguards.

and before the grammer police get me I know I spelled encripted wrong.
[ link to this | view in chronology ]
Not A Saint, 23 May 2006 @ 10:11pm

Better practices are sometimes hard learned
I'm one of those veterans on the list and I am quite concerned. I've worked very hard to ensure I have good credit and a fair, though late, start at a decent retirement. However, I also know to monitor my credit on a regular basis and communicate with the credit reporting agencies immediately if something seems out of place. I learned that the hard way already so this will just be an ongoing trial for me.

As for the VA. This is a hard lessoned learned and it will assuredly cause them some PR problems that will be an uphill battle to remedy. I've worked with quite a few banks and insurance companies over the years that understand just how valuable their customer data is. There are certain standards and regulatory compliance requirements that they are generally very strict about maintaining. The government, in general, is supposed to follow the same strict guidelines and is usually very protective of personal data. What this tells me is that the VA allowed a breach of compliance with certain standards and that they need a very serious audit and re-vamp of their data management processes.

The only data a developer should ever be allowed to see, let alone copy, should be dummy data provided for the purpose of testing. Never the actual data...
[ link to this | view in chronology ]
Don, 23 May 2006 @ 10:35pm

First, this is a prime example of why large scale data collections, especially by the government, is often a bad idea. No matter how good the tech, some human action, intention or otherwise will almost certainly comprise such data stores or leave them vulnerable to hacking.

Secondly, the assertion in the story that there is no evidence the theft was intended for that data specifically makes me leary. Unless the employee frequently took home sensitive data (and without permission according to the story) I find the timing of the robbery suspect. "Amazing coincidences" tend to raise my BS radar. Also stealing a laptop I can understand, but stealing disks? Not likely unless they had good reason to know they might contain very valuable information (meaning they knew, or had word from someone who knew, the victim and what he did for a living).
[ link to this | view in chronology ]
- ZA, 24 May 2006 @ 11:53am
  
  Re: stolen disks
  Their rationale is that the thief more than likely though they were music CDs. When he went to play them, nothing happened. They probably were tossed out the car window.
  
  This doesn't change the fact that some moron would bring home sensitive data and leave it lying around in his laptop bag no doubt. Are we sure this didn't happen in Virginia?
  
  As much as I don't care for Kerry, he is right, someone needs to be fired.
  [ link to this | view in chronology ]
DJ Twiztid, 23 May 2006 @ 10:39pm

Our US Government
Ya know I worked for an insurance company for years. I've yet to see a VA Hospital actually do their job right. I try to help people get claims paid as much as I can but they are just stupid. It's nice to know our government cares this much about our well being and money. So honestly this doesn't surprise me in the least. Like they always say. Work for the government...get paid well and underworked.
[ link to this | view in chronology ]
Neil Carver, 23 May 2006 @ 11:51pm

Here is one possible solution
For those on the list and anyone else concerned with identity theft, there is a way to protect yourself and your family. Click or paste this link and take a look; http://wserver0.prepaidlegal.com/Multisite/Multisite?site=idt&assoc=nacarver Credit Fraud is only a portion of what this service can watch for and fix.
[ link to this | view in chronology ]
ThePengwin, 23 May 2006 @ 11:57pm

Theives normally think

"Hey this stuff looks valuable"

Iand most of the time they are right
[ link to this | view in chronology ]
fuk yall, 21 Feb 2007 @ 8:04am

why u say that thats fucked up i should kick yall asses dumb bitchs and my brother isn't stupid
[ link to this | view in chronology ]