Say That Again

by Mike Masnick

VA Hopes Data Thieves Are Stupid

from the one-way-to-protect-data dept

While there's been plenty of talk about how a VA employee brought lots of confidential personal data home with him only to have it all stolen in a burglary, some are noticing that the VA's response has been a bit odd. While they're giving the standard talk about how you should check your credit reports and watch for any suspicious activity, they're also going around and telling people they probably shouldn't worry because the thieves probably have no idea what they stole. Of course, now that they're blasting it all over the internet, perhaps the crooks will be alerted to what they stole. Either way, it seems like a pretty weak response to not protecting the data.

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    Ima Winna!, May 23rd, 2006 @ 7:07pm

    First Post!!!

    reply to this | link to this | view in thread ]

  2. identicon
    Digital Angel, May 23rd, 2006 @ 7:24pm

    Screwed Up

    I live in VA and theya re a screwed up backwards commenwealth, that drives people to be poor, of course they don't care about their backbone of the local people

    reply to this | link to this | view in thread ]

  3. identicon
    umm.., May 23rd, 2006 @ 7:25pm

    is the laptop going to be used for wuts on it?

    well if the idiot is more than a crackhead lookin to score some bucks selling the laptop for some money, then no..but thats if the person that bought the laptop is an idiot sure itll end up in someones hands thatll know wut to do with it

    reply to this | link to this | view in thread ]

  4. identicon
    um_duh, May 23rd, 2006 @ 7:31pm

    Re: Screwed Up

    so you live in VA huh, obviously the people in VA must be screwed up because you are completely off subject!!!

    reply to this | link to this | view in thread ]

  5. identicon
    Rick, May 23rd, 2006 @ 7:32pm

    Re: Screwed Up

    It's probably due to the incompetant boobs like you who don't realize VA in this instance means Veterans Administration - not Virginia. Try watching the news and get a clue.

    As for the VA hoping the thieves are stupid, how do they justify their own stupidity in losing the data in the first place?

    Stupid begets stupid - oops, sorry back to talking about Virginia again - lol.

    reply to this | link to this | view in thread ]

  6. identicon
    umm_duh, May 23rd, 2006 @ 7:34pm

    Re: Re: Screwed Up

    The problem with the VA, like many organizations is the stupidity of people, not the organization or company. Many corporations and organizations have procedures in place, but ultimately it is up to the people to follow them. What would you suggest they do differently?

    reply to this | link to this | view in thread ]

  7. identicon
    Frink, May 23rd, 2006 @ 7:40pm

    You have to believe that the person in possession of this information now knows the value of it and will auction it off to the highest bidder. Name, date of birth and Social Security numbers will get someone a lot of return from identity theft.

    Makes me happy that I was skipped over in the very first draft lottery. My number came up as 332 out of 365. It also makes me very concerned for the millions of Vets at risk. The government will show very little concern and probably be able to do very little to help these victims. There is no excuse for this sort of security security lapse.

    reply to this | link to this | view in thread ]

  8. identicon
    jason, May 23rd, 2006 @ 8:04pm

    Idiot employee needs to be brought through the ringer for this one.

    The va needs to get it together too. I work for a defense contractor that employes 46000 people and every hard drive, laptop or desktop, is encripted. even if there is no FOYO or SBU on it. I realize it is not fool proof but a database of that nature should have some safeguards.

    and before the grammer police get me I know I spelled encripted wrong.

    reply to this | link to this | view in thread ]

  9. identicon
    Anonymous Coward, May 23rd, 2006 @ 8:29pm

    Re: Screwed Up

    First off, Virginia is a fine place to live, except, perhaps, for their dysfunctional Department of Transportation, and second, this story is about the Veterans Administration.

    reply to this | link to this | view in thread ]

  10. identicon
    Not A Saint, May 23rd, 2006 @ 10:11pm

    Better practices are sometimes hard learned

    I'm one of those veterans on the list and I am quite concerned. I've worked very hard to ensure I have good credit and a fair, though late, start at a decent retirement. However, I also know to monitor my credit on a regular basis and communicate with the credit reporting agencies immediately if something seems out of place. I learned that the hard way already so this will just be an ongoing trial for me.

    As for the VA. This is a hard lessoned learned and it will assuredly cause them some PR problems that will be an uphill battle to remedy. I've worked with quite a few banks and insurance companies over the years that understand just how valuable their customer data is. There are certain standards and regulatory compliance requirements that they are generally very strict about maintaining. The government, in general, is supposed to follow the same strict guidelines and is usually very protective of personal data. What this tells me is that the VA allowed a breach of compliance with certain standards and that they need a very serious audit and re-vamp of their data management processes.

    The only data a developer should ever be allowed to see, let alone copy, should be dummy data provided for the purpose of testing. Never the actual data...

    reply to this | link to this | view in thread ]

  11. identicon
    Don, May 23rd, 2006 @ 10:35pm

    First, this is a prime example of why large scale data collections, especially by the government, is often a bad idea. No matter how good the tech, some human action, intention or otherwise will almost certainly comprise such data stores or leave them vulnerable to hacking.

    Secondly, the assertion in the story that there is no evidence the theft was intended for that data specifically makes me leary. Unless the employee frequently took home sensitive data (and without permission according to the story) I find the timing of the robbery suspect. "Amazing coincidences" tend to raise my BS radar. Also stealing a laptop I can understand, but stealing disks? Not likely unless they had good reason to know they might contain very valuable information (meaning they knew, or had word from someone who knew, the victim and what he did for a living).

    reply to this | link to this | view in thread ]

  12. identicon
    DJ Twiztid, May 23rd, 2006 @ 10:39pm

    Our US Government

    Ya know I worked for an insurance company for years. I've yet to see a VA Hospital actually do their job right. I try to help people get claims paid as much as I can but they are just stupid. It's nice to know our government cares this much about our well being and money. So honestly this doesn't surprise me in the least. Like they always say. Work for the government...get paid well and underworked.

    reply to this | link to this | view in thread ]

  13. identicon
    Neil Carver, May 23rd, 2006 @ 11:51pm

    Here is one possible solution

    For those on the list and anyone else concerned with identity theft, there is a way to protect yourself and your family. Click or paste this link and take a look; Credit Fraud is only a portion of what this service can watch for and fix.

    reply to this | link to this | view in thread ]

  14. identicon
    ThePengwin, May 23rd, 2006 @ 11:57pm

    Theives normally think

    "Hey this stuff looks valuable"

    Iand most of the time they are right

    reply to this | link to this | view in thread ]

  15. identicon
    FireMonkey, VA Employee, May 24th, 2006 @ 6:17am

    Re: Re: Screwed Up

    "It's probably due to the incompetant boobs like you who don't realize VA in this instance means Veterans Administration - not Virginia. Try watching the news and get a clue."

    Errr... It's actually the Department of Veterans Affairs...

    We should remember that most VA employees aren't this careless. The VA certainly isn't the well-oiled machine that many of us would hope, but the employees are generally hard working, good-hearted people that really try to do what's best for the veterans they serve. Let's not let this single jackass ruin it for the whole organization...

    reply to this | link to this | view in thread ]

  16. identicon
    William C Bonner, May 24th, 2006 @ 6:20am

    Veterans Administration vs. Virginia

    I read this as the veterans administration, and then the first several posts were trashing the state of virginia.

    I'm from the west coast, and trashing a federal governmental organization seems normal, trashing an individual state is less common, at least until it makes it into the mainstream national news.

    reply to this | link to this | view in thread ]

  17. identicon
    ZA, May 24th, 2006 @ 11:53am

    Re: stolen disks

    Their rationale is that the thief more than likely though they were music CDs. When he went to play them, nothing happened. They probably were tossed out the car window.

    This doesn't change the fact that some moron would bring home sensitive data and leave it lying around in his laptop bag no doubt. Are we sure this didn't happen in Virginia?

    As much as I don't care for Kerry, he is right, someone needs to be fired.

    reply to this | link to this | view in thread ]

  18. identicon
    fuk yall, Feb 21st, 2007 @ 8:04am

    why u say that thats fucked up i should kick yall asses dumb bitchs and my brother isn't stupid

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.