VA Hopes Data Thieves Are Stupid

from the one-way-to-protect-data dept

While there’s been plenty of talk about how a VA employee brought lots of confidential personal data home with him only to have it all stolen in a burglary, some are noticing that the VA’s response has been a bit odd. While they’re giving the standard talk about how you should check your credit reports and watch for any suspicious activity, they’re also going around and telling people they probably shouldn’t worry because the thieves probably have no idea what they stole. Of course, now that they’re blasting it all over the internet, perhaps the crooks will be alerted to what they stole. Either way, it seems like a pretty weak response to not protecting the data.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “VA Hopes Data Thieves Are Stupid”

Subscribe: RSS Leave a comment
Rick says:

Re: Screwed Up

It’s probably due to the incompetant boobs like you who don’t realize VA in this instance means Veterans Administration – not Virginia. Try watching the news and get a clue.

As for the VA hoping the thieves are stupid, how do they justify their own stupidity in losing the data in the first place?

Stupid begets stupid – oops, sorry back to talking about Virginia again – lol.

FireMonkey, VA Employee says:

Re: Re: Screwed Up

“It’s probably due to the incompetant boobs like you who don’t realize VA in this instance means Veterans Administration – not Virginia. Try watching the news and get a clue.”

Errr… It’s actually the Department of Veterans Affairs

We should remember that most VA employees aren’t this careless. The VA certainly isn’t the well-oiled machine that many of us would hope, but the employees are generally hard working, good-hearted people that really try to do what’s best for the veterans they serve. Let’s not let this single jackass ruin it for the whole organization…

William C Bonner (profile) says:

Re: Re: Veterans Administration vs. Virginia

I read this as the veterans administration, and then the first several posts were trashing the state of virginia.

I’m from the west coast, and trashing a federal governmental organization seems normal, trashing an individual state is less common, at least until it makes it into the mainstream national news.

Frink says:

You have to believe that the person in possession of this information now knows the value of it and will auction it off to the highest bidder. Name, date of birth and Social Security numbers will get someone a lot of return from identity theft.

Makes me happy that I was skipped over in the very first draft lottery. My number came up as 332 out of 365. It also makes me very concerned for the millions of Vets at risk. The government will show very little concern and probably be able to do very little to help these victims. There is no excuse for this sort of security security lapse.

jason says:

Idiot employee needs to be brought through the ringer for this one.

The va needs to get it together too. I work for a defense contractor that employes 46000 people and every hard drive, laptop or desktop, is encripted. even if there is no FOYO or SBU on it. I realize it is not fool proof but a database of that nature should have some safeguards.

and before the grammer police get me I know I spelled encripted wrong.

Not A Saint says:

Better practices are sometimes hard learned

I’m one of those veterans on the list and I am quite concerned. I’ve worked very hard to ensure I have good credit and a fair, though late, start at a decent retirement. However, I also know to monitor my credit on a regular basis and communicate with the credit reporting agencies immediately if something seems out of place. I learned that the hard way already so this will just be an ongoing trial for me.

As for the VA. This is a hard lessoned learned and it will assuredly cause them some PR problems that will be an uphill battle to remedy. I’ve worked with quite a few banks and insurance companies over the years that understand just how valuable their customer data is. There are certain standards and regulatory compliance requirements that they are generally very strict about maintaining. The government, in general, is supposed to follow the same strict guidelines and is usually very protective of personal data. What this tells me is that the VA allowed a breach of compliance with certain standards and that they need a very serious audit and re-vamp of their data management processes.

The only data a developer should ever be allowed to see, let alone copy, should be dummy data provided for the purpose of testing. Never the actual data…

Don says:

First, this is a prime example of why large scale data collections, especially by the government, is often a bad idea. No matter how good the tech, some human action, intention or otherwise will almost certainly comprise such data stores or leave them vulnerable to hacking.

Secondly, the assertion in the story that there is no evidence the theft was intended for that data specifically makes me leary. Unless the employee frequently took home sensitive data (and without permission according to the story) I find the timing of the robbery suspect. “Amazing coincidences” tend to raise my BS radar. Also stealing a laptop I can understand, but stealing disks? Not likely unless they had good reason to know they might contain very valuable information (meaning they knew, or had word from someone who knew, the victim and what he did for a living).

ZA says:

Re: stolen disks

Their rationale is that the thief more than likely though they were music CDs. When he went to play them, nothing happened. They probably were tossed out the car window.

This doesn’t change the fact that some moron would bring home sensitive data and leave it lying around in his laptop bag no doubt. Are we sure this didn’t happen in Virginia?

As much as I don’t care for Kerry, he is right, someone needs to be fired.

DJ Twiztid says:

Our US Government

Ya know I worked for an insurance company for years. I’ve yet to see a VA Hospital actually do their job right. I try to help people get claims paid as much as I can but they are just stupid. It’s nice to know our government cares this much about our well being and money. So honestly this doesn’t surprise me in the least. Like they always say. Work for the government…get paid well and underworked.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...