Source: Theft of vets' data kept secret for 19 days
Social Security numbers of 26 million-plus veterans stolen
YOUR E-MAIL ALERTS
WASHINGTON (CNN) -- Authorities waited almost three weeks to alert the public that personal data on more than 26 million U.S. veterans had fallen into the hands of thieves, a government source said Tuesday.
The data were on a laptop and external drive stolen May 3 in an apparent random burglary from the Montgomery County, Maryland, home of a Department of Veterans Affairs computer analyst, said the government source, who has been briefed on the issue.
The government did not immediately announce the theft because officials had hoped to catch the culprits and did not want to tip them off about what they had stolen for fear they would sell it, the government source said.
On Monday, officials abandoned that plan and alerted the public.
Attorney General Alberto Gonzales said Tuesday that his department acted quickly.
"As soon as we were notified of the problem, we sprang into action," he said. "I'm focusing on what we can do moving forward to successfully conclude this investigation. Specific questions about what may have happened before, I'll refer to the VA."
The computer disk contained the names, Social Security numbers and birth dates of every living veteran from 1975 to the present, Veterans Affairs Secretary Jim Nicholson said Monday.
Nicholson told reporters that the FBI and the department's inspector general are investigating the matter.
Nicholson and Gonzales said there was no indication that the information has been misused.
The missing data do not include health records or financial information, the department said. They do include some disability ratings and data on some veterans' spouses. (Watch the implications of the security breach -- 2:23)
Nicholson said the analyst has been placed on administrative leave during the investigation but that no "ulterior motive" is suspected. The analyst is a longtime department employee but was not authorized to take the information home, he said.
Nicholson disclosed few details about the theft, citing the investigation. But he told CNN earlier, "We think that it wasn't a targeted burglary.
"They weren't after this [data]," he said. "There's a pattern of these kind of burglaries in this neighborhood."
But the missing information could be gold for electronic identity thieves, who operate hundreds of Internet sites where personal information is bought and sold.
"It's a pretty dire situation," said Rutrell Yasin, technology editor of Federal Computer Week, which covers computer and information technology issues in the federal government. "You have to hope that information is not in the hands of people who know what to do with it."
Yasin said the theft should be a wake-up call to federal agencies.
"They should certainly have the necessary security on their computers, secure communications links that would protect personal data," Yasin said.
Gonzales and Deborah Platt Majoras, chairwoman of the Federal Trade Commission, lead the Bush administration's identity theft task force. Gonzales vowed federal prosecutors would have "zero tolerance" for anyone implicated in trafficking in veterans' personal data.
"We have no reason to believe at this time that the identity of these veterans have been compromised," he said. "But we feel an obligation to alert veterans so that they can take the appropriate steps to protect this information."
The VA sent a letter to veterans informing them of the stolen data. Anyone with questions can contact the agency at (800) 333-4636 or through the federal government's Web portal, www.firstgov.gov.
The FBI said its Baltimore, Maryland, field office is investigating, and Gonzales said the bureau was working in conjunction with local authorities.
Nicholson vowed to take steps to ensure such a mistake is not repeated, including mandatory security training in the next month for all employees with access to private information.
Lawmakers cite concerns
Lawmakers also expressed concerns about the stolen data.
Sen. Larry Craig, chairman of the Senate Committee on Veterans' Affairs, said Monday that all veterans should be "vigilant" in monitoring their financial information for suspicious activity.
"I've got to ask -- and certainly I have to ask it of not only the VA but all of government -- why can a data analyst take all of this information home?" the Idaho Republican said. "That's a breach of security -- in today's concern about ID theft -- that is huge.
"Of course, I think it awakened the secretary to the vulnerability within his own organization, and that's true, I would guess, across government."
Rep. Steve Buyer, Craig's counterpart in the House, said he is "deeply concerned."
"I expect VA's inspector general and the FBI to work closely together so that we can identify and eliminate the flaws that allowed this leak and prosecute any criminal acts," the Indiana Republican said in a written statement.
"I know that VA is taking steps to notify veterans and provide help on consumer identity protection. The committee will examine this incident in the context of previous data compromises, to ensure that veterans' information is safeguarded."
CNN's Terry Frieden, John King and Marsha Walton contributed to this report.
|© 2007 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us. Site Map.