VA Reminds Thief How Valuable Stolen Data Is
from the perhaps-not-the-best-plan dept
Earlier this week, we noted that the Department of Veterans Affairs seemed to be hoping that whoever stole a laptop and hard-drive with lots of veterans' private info was too stupid to know what they had stolen. However, it seems they're doing their very best to make sure everyone realizes it's quite valuable. They've now put up a $50,000 reward for any info leading to the recovery of the data. Of course, should the thief hear about this, then what's to stop him (or her) from simply copying the data and then figuring out a way to return the laptop and get the $50,000? Not that security through obscurity was likely to work in this case, but it seems sort of odd that they were so adamant that thief likely had no idea how valuable the data was -- and then put a price on it and blasted it all over the news.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
And so does TechDirt!!!
Thanks guys I appreciate that. :(
[ link to this | view in thread ]
Re:
retard
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re
[ link to this | view in thread ]
[ link to this | view in thread ]
It's their fault...
[ link to this | view in thread ]
It is the internets fault
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
it's the bird brain at the dept of veterans affairs that took the files home on the pc that is responsible for my name and social and claim number being compromised.
no one else, he or she is the one guilty of criminal behavior.
what's that jerks name? that's what i want to know.
so i guess i just keep paying Wells Fargo to monitor my personal information on the national credit bureaus.
[ link to this | view in thread ]
Lost laptops
"I lost my laptop here. If anybody found it please get in touch with me immediately! I will pay a reward. Very important - NO POLICE. Please DO NOT HAND IT IN TO THE POLICE"
and the guy put his phone number. LMAO
I wonder what was on that laptop? I resisted the urge to copy down the number for future entertainment.
Encrypted hard drives people!
[ link to this | view in thread ]
Re: Lost laptops
[ link to this | view in thread ]
[ link to this | view in thread ]
Yeah...
[ link to this | view in thread ]
Re: Discharge
Thank you for your service to our country!!
(Just playing with the ambiguity of the predecessor of "this") ;-)
[ link to this | view in thread ]
network???
[ link to this | view in thread ]
well...
It's a pity organizations haven't learned to protect their data, and keep employees from taking sensitive data like this home with them. At the very least the VA should of had a program on that laptop to call home the next time it got hooked into the net. Little late for that now though...
[ link to this | view in thread ]
Unless, of course you're stealing social security numbers so you can work in the U.S. - then that kind of identity theft is ok...
[ link to this | view in thread ]
gotta be kiddin me?
[ link to this | view in thread ]
not the press's fault
The VA and the FBI are OFFERING A REWARD! They are asking for publicity in order to get people to call leads in to their tip line.
But how many of these types of incidents do there need to be before the companies with tons of sensitive customer data adopt some decent security policies?
[ link to this | view in thread ]
I'm sure...
2. that the data on it is in the possession of someone who will use it for no good (i.e. organized crime organization of some sort.)
3. the guy who stole it is either dead or paid off.
They better not publish the idiot's name. He's got millions of veterans PO'd about it, and who knows how many of them have guns.
[ link to this | view in thread ]
I wish I knew the guy's name
[ link to this | view in thread ]
The story that won't be told
Is the VA IT staff so overworked they need to take home work?
[ link to this | view in thread ]
Data Loss
The VA should have 2 pieces of information, the ID of the Veteran, and where to mail the checks. Problem Solved.
Compartmentalize the data, then no single loss will result in significant risk.
[ link to this | view in thread ]
how do I know...
[ link to this | view in thread ]
Business rules can and need to be put in place so
[ link to this | view in thread ]
ouch
[ link to this | view in thread ]
I would not be opposed to a one time tax to pay for fraud prevention for our veterans. Without them, we wouldn't have anything worthwhile to tax.
Thanks guys/girls for serving your country, hopefully your country can serve you now.
[ link to this | view in thread ]
Stolen Laptop
[ link to this | view in thread ]
Stolen Laptop
[ link to this | view in thread ]
OOPS
[ link to this | view in thread ]
OOPS again
[ link to this | view in thread ]
Re: how do I know...
Lets see if I can find the article.
Here is is
"names, dates of birth and Social Security numbers"... Thats all they need...
[ link to this | view in thread ]
And we call ourselves the most intelligent life fo
You have a security breach, don't tell the press, go to the law enforcement agency and solve the crime, then tell the press once the breach has been resolved and the information is back in the right hands.
Or, go on TV or put an ad in the paper with let every reader/watcher know your SSN, DOB, Name and Credit Card number.
[ link to this | view in thread ]
Re: Stolen Laptop
Apply some common sense and flag your new vulnerability to the Credit Bureaus and quit worrying abou suing somebody. Sheesh.
[ link to this | view in thread ]
Re: And we call ourselves the most intelligent lif
Terrible judgement.
[ link to this | view in thread ]
Re: The story that won't be told
Most investigations into incidents where an employee does some boneheaded thing that any moron knows is a breach of security turn up the following:
[ link to this | view in thread ]
Re: Yeah...
Are you serious? It was the VA that lost the data. It was the VA who claimed that no one would know about it and it was the VA that then went out and told everyone how valuable it was and promoted it everywhere.
To blame *us* for anything is just bizarre.
[ link to this | view in thread ]
Reward System
Kind of like the line from Pee Wee's big adventure:
"Dottie - How are you ever going
to pay a reward like that?"
"Pee Wee - It's simple.
Whoever returns the bike is obviously
the person who stole it.
So they don't deserve any reward!"
What a shame that our vets are now further exposed to the possibility of identity theft...
[ link to this | view in thread ]
A better use for the money
I'd expect a competent business which had a laptop full of data stolen to do this, but...
[ link to this | view in thread ]
Re: Re: Yeah...
Yes, the VA screwed up. No one's arguing that. What I (and others) are claiming is that you have repeated that mistake by posting the same reward and information here.
It showed up on my Google homepage for crying out loud! I didn't even have to search for it!
But, hey, it's your story. Tell it how you want.
[ link to this | view in thread ]
Re: Re: Re: Yeah...
We're not the ones giving away $50,000 to let everyone know how important the data is.
Making a mistake and reporting a mistake are two amazingly different things.
[ link to this | view in thread ]
we have a right to know the name of the thief
... was it neocon? , Chinese, ?
[ link to this | view in thread ]