Stolen VA Laptop Recovered 202
lancejjj writes "Remember how the VA was pinning the theft of 26.5 million veterans' personal records on a hard working-but-renegade employee whose laptop was stolen? Surprise! It turns out that the employee had written permission to bring the sensitive data home. Fortunately, the laptop has been recovered. It is still unclear how the laptop was recovered, or if any of the veterans' personal data was leaked."
Yeah, Fooooound (Score:3, Insightful)
Data Wasn't Accessed (Score:4, Insightful)
The US just needs data privacy laws (Score:5, Insightful)
That's what happens... (Score:2, Insightful)
Yeah... sure.
Why real data? (Score:5, Insightful)
Re:Data Wasn't Accessed (Score:3, Insightful)
However, how does the FBI know the data wasn't accessed?
Re:I'm sure it's safe (Score:2, Insightful)
Re:Data Wasn't Accessed (Score:4, Insightful)
Re:If he keeps his job (Score:5, Insightful)
Re:If he keeps his job (Score:5, Insightful)
Re:Data Wasn't Accessed (Score:5, Insightful)
Re:Nothing taken (Score:5, Insightful)
They gave us all a years worth of ID theft tracking service at a cost to the gov't of $(several millions?).
If a class action law suit against the VA for this debacle is successful it will cost them a lot more than that.
I am more than a little annoyed that they gave the guy permission to take the data home, and now they are firing him for having done so.
In spite of my feelings, I hope such a lawsuit fails, since it will only hurt those who rely on the VA's funding for their health care, etc.
The people who allowed this to happen certainly aren't going to give themselves a cut in pay!
Another whacked summary (Score:5, Insightful)
The VA still contends that the employee did not have permission to put the social security numbers on the computer and take it home.
Look at the timeline. He gets permission to access SSNs in February. He gets permission to take a laptop home in September. Sometime during the year he got permission to use a database program at home. It still sounds to me like he took a little personal initiative to take the SSN database home.
Still, the whole affair was handled pretty damn poorly, particularly the delay in reporting it, among other things.
-h-
Re:Yeah - laws that let the gov't have all access (Score:5, Insightful)
It's deeply flawed nevertheless (Score:3, Insightful)
What is needed is a far more positive identification system. Granted, it might be a piss-off to not be able to get instant credit to purchase that new thingamabob, but as things reach unmanageable proportions, something has to be done.
Re:Nothing taken (Score:3, Insightful)
Re:TrueCrypt (Score:4, Insightful)
Re:Nothing taken (Score:4, Insightful)
The real fault lies with the credit reporting/monitoring companies.
They have created a system where it's easy for anyone to get credit in another person's name. Their solution, of course, is to pay them to monitor your credit in case someone tries to do it.
The data is not very valuable for most ID theives if they cannot open up instant credit. So, the "solution" is to for the VA to pay the very companies that make it easy to get instant credit for monitoring services.
What a racket.
The easiest first step is to require those agencies to allow every person to put a credit freeze on their credit records. This would stop the instant credit and at the same time would stop a vast majority of the ID theft going on.
Those very same companies have lobbyist to prevent this, of course.
Re:I'm sure it's safe (Score:3, Insightful)
2) Identity theft on a large scale is nearly worthless because it's news. People get notified accounts get watched, you get caught if you use it. It's the small stuff where the harm happens. You get one person's identity and they don't know so you can abuse it for a couple months.
Re:If he keeps his job (Score:2, Insightful)
Load of tinfoil. (Score:4, Insightful)
Does your specially-formed tinfoil apparel help you to know these facts? The scoop is that someone turned it into the Baltimore FBI office, and they're keeping it quiet because the $50k reward was part of the picture. Their forensics people were the first ones to look at the machine, and that's what they do all day.
More likely whatever ever idiot looted the house and took the portable fencables really didn't know what to do with it, and probably saw the government markings on the machine later. Not something you can put on eBay or take to a pawn shop. And people like that are in the habit of asking their equally ass-hattish what friends to do with something like that. Obviously one of the more enterprising ones is looking to turn it into $50k.
Re:Nothing taken (Score:3, Insightful)
I don't see how the credit reporting/monitoring companies can fix this.
To me the problem is very simple. If I lose my keys, I don't put a "key watch" on my door to see if someone attempts to use the lost keys. I change the locks on the door and get new keys.
If the confidentiality of my social security number is lost then I need to get a new social security number.
Amusing aside (Score:2, Insightful)
Re:Nothing taken (Score:4, Insightful)
Is there any way in hell to determine when a read head moves over a piece of data? If there is (which I do not see how), how could it determine with any resolution of when that head passed over the data? One week, one month, one hour ago etc.. What ever magical thing they messure would have to decay away over time with some consistancy to determine WHEN it was last read.
On that note, boot up with Knoppix, mount hda1 read only (which is the default), mount a network share through lin neighborhood and copy \mnt\hda1 to \home\user\mounts\server\share. Shut off laptop and remove Knoppix cd. You can do that whole process in minutes and all with a gui if you'd like! We do that exact process at least once a week from tanked XP laptops that we need data from.
To get back to reality, if Joe random stole that laptop and was playing with it, he would probably not have the desire and knowledge to do the Knoppix thing or really even care about the actual data on the laptop at all. Someone specifically targetting this VA employee and that data could easily do it.
There's a big catch to the offer of free credit (Score:3, Insightful)
He's not going to cut any of the huge tax cut he gave his billionaire buddies. Kids will have to pay for it.
What an asshole!
I do not believe for one minute that they found the laptop.
Re:Nothing taken (Score:3, Insightful)
Where would you put them all? These people probably number in the millions, since they include everyone who thinks that a SSN is anything other than a personal name.