U.S. Service Personnel Data Stolen 343
BStrunk writes "I was reading the news this morning on Reuters, when I stumbled across this article:
U.S. Service Personnel Personal Data Stolen
In the article, an official violated policy by taking the detailed personal information of thousands of active and reserve troops to his personal home, storing it on a personal computer, that was later stolen. In an age where domestic phone calls are monitored, a government employee was allowed to walk out of a government installation with the data on thousands of American citizens to store on an insecure personal computer? Doesn't that seem strange to you? This is a real failure, in my opinion, in government protection of its citizens. Layers of encryption and protected access was successfully bypassed to make the theft of this information as simple as stealing a home pc.
Now, not only do service personnel currently serving have to worry about IEDs and being fired upon, but they are now subject to possible identity theft. A real failure. After this, how could one have faith enough to serve an inept institution?"
Re:IED? (Score:3, Informative)
Basically a bunch of artillery shells wired to a trigger or remote. When a US convoy drives past the IED hiding spot, a watcher triggers the explosive and the huge crater is formed right where the convoy used to be.
-Rick
Re:IED? (Score:2, Informative)
Since you are reposting 3 week old news (Score:4, Informative)
From the "Fine Tooth Comb" department (Score:4, Informative)
not thousands, MILLIONS (Score:1, Informative)
"This data contained identifying information including names, social security numbers, and dates of birth for up to 26.5 million veterans and some spouses, as well as some disability ratings."
Official Use Only Information (Score:5, Informative)
However, nearly every govenrment computer in existence includiung laptops has gobs of OUO information on it. It's not encrypted because it's not that sort of information. It's just controlled dissemination. That does not mean it might be harmless to release it but it's way below classified.
It is not alarming the people occasionally accdentally disseminate or lose control of OUO. Employees are simply expcted not to do so wilfully or wantonly or carelessly. Its even permissible to share OUO with people outside the governemnt if the employee thinks it would be useful to do so. The fact that OUO was taken home is not a big deal.
In this case the only big distinctions are the massive quantity of the information, and the fact that it's personell records which do have higher levels of protection. Apparently it was also policy not to take these home.
Apples and oranges (Score:3, Informative)
Besides, domestic calls are not monitored without a warrant. Do you have a problem with that? Perhaps you are thinking of international* calls to known members of terrorist organizations.
Is that a question?* According to my phone bill, a call made from my house to another country is an international call.
As a vet, I can say... (Score:5, Informative)
Everyone who has been in the service knows that there are always a few idiots up in the higher levels of the chain of command. Also that the civilian employees of the DoD aren't always interested in looking out for the interests of the military personnel that they are supposed to be serving. Dealing with the civilian DoD folks was a constant frustration during my time at Fort Bragg. Not that those folks are all bad, but the service they gave me when I was in the 82nd was second only to the service I get from the DMV -- surly and uncooperative.
Re:Not a dupe! (Score:4, Informative)
The Active Duty info is a subset [wgal.com] of the same data stolen weeks ago.
What is this, a Theme Summer? (Score:4, Informative)
Ernst & Young lose data on a quarter-million Hotels.com customers [theregister.co.uk]
Ernst & Young (hey, there is a theme here!) lose information on Sun employees (including then-CEO Scott McNealy) [theregister.co.uk]. Also included were employee records for IBM, Nokia and Cisco.
Wells Fargo proves it can play the game too [theregister.co.uk].
And not to be left out, let's not forget Fidelity's loss of 200,000 HP employee records [theregister.co.uk].
What's scary is that both Fidelity and E&Y audit other companies for security and regulatory compliance (including HIPAA and Sarbanes-Oxley)...
Re:Once again. . . (Score:2, Informative)
Excuse me? (Score:5, Informative)
I'm in Iraq right now. Yes, we have to deal with IED's and being fired upon. And yes, having to worry about this isn't all that great either. But that has absolutely nothing to do with "serving an inept institution" as you call it. We don't serve an institution. We serve in the Armed Forces of the United States. I serve in the Army, and I don't think that the Army is inept. This isn't a failure of the US Army as a whole, but it was due to the indiscretionary act of one person. He violated OPSEC (Operational Security) and he had no business taking sensitive information into his personal computer. This is HIS fault, and I hope he gets prosecuted to the fullest possible extent under the UCMJ. So please, like the parent said, no editioralization is necessary. We serve because we took an oath. We serve because we are professionals. We serve because words like Loyalty, Honor, Duty and Courage mean something to us. It doesn't mean that it means nothing to a civilian. But I hate it when people assume we are nothing but mindless drones. I, personally, try to keep politics away from the military. Which is why I don't endorse any side of political debate, when speaking as a soldier. I'm here to do a job, and I'm here as a professional.
Sorry for going so far off-topic.
Re:Once again. . . (Score:1, Informative)