Burglary appears to be random, says Veterans Affairs secretary

Monday, May 22, 2006; Posted: 5:46 p.m. EDT (21:46 GMT)
WASHINGTON (CNN) -- Personal information on 26.5 million veterans was stolen from the home of a data analyst in what appears to have been a random burglary, Veterans Affairs Secretary Jim Nicholson said Monday.

The computer records include names, Social Security numbers and dates of birth, Nicholson said. The Department of Veterans Affairs disclosed the theft Monday and said it has seen no indication that the information has been misused.

The missing data does not include health records or financial information, the department said. It does include some disability ratings and data on some veterans' spouses.

The VA would not identify the employee who was robbed or the location of the home, and would say only that the burglary happened this month.

Nicholson disclosed few details about the theft, citing an investigation by his department's inspector general and the FBI. But he said, "We think that it wasn't a targeted burglary."

"They weren't after this [data]," he told CNN. "There's a pattern of these kind of burglaries in this neighborhood."

The analyst took the data home without authorization, Nicholson said. Department spokesman Matt Burns said the employee has been put on administrative leave while the investigation is conducted.

Nicholson said the theft is "disturbing," but that there is no immediate reason for veterans to believe "anything unsavory is going on."

But the missing information can be gold for electronic identity thieves, who operate hundreds of Internet sites where personal information is bought and sold.

"It's a pretty dire situation," said Rutrell Yasin, technology editor of Federal Computer Week, which covers computer and information technology issues in the federal government. "You have to hope that information is not in the hands of people who know what to do with it."

Yasin said the incident should be a wake-up call to federal agencies.

"They should certainly have the necessary security on their computers, secure communications links that would protect personal data," Yasin told CNN.

The VA sent a letter to veterans informing them of the stolen data. Anyone with questions can contact the agency at 1-800-333-4636 or through the federal government's Web portal, www.firstgov.gov.

The department said Nicholson has briefed Attorney General Alberto Gonzales and Deborah Platt Majoras, the chairwoman of the Federal Trade Commission. Gonzales and Majoras lead the Bush administration's identity theft task force.

Hearings vowed
Several members of Congress expressed concerns about the incident.

Sen. Larry Craig, chairman of the Veterans Affairs Committee, said Monday that all veterans should be "vigilant" in monitoring their own financial information for suspicious activity.

"I've got to ask -- and certainly I have to ask it of not only the VA but all of government -- why can a data analyst take all of this information home?" the Idaho Republican told CNN. "That's a breach of security -- in today's concern about ID theft -- that is huge.

"Of course, I think it awakened the secretary to the vulnerability within his own organization, and that's true, I would guess, across government," he said.

Craig said authorities were still not certain whether the burglary was targeted or random, and he promised hearings "at the appropriate time."

"This is something now that really deserves our overview and a review by all of government as it relates to this kind of information and how it is being handled," he said.

Rep. Steve Buyer, Craig's counterpart in the House, said he is "deeply concerned" by the stolen data.

"I expect VA's inspector general and the FBI to work closely together so that we can identify and eliminate the flaws that allowed this leak and prosecute any criminal acts," the Indiana Republican said in a written statement.

"I know that VA is taking steps to notify veterans and provide help on consumer identity protection. The committee will examine this incident in the context of previous data compromises, to ensure that veterans' information is safeguarded," he said.

CNN's Marsha Walton contributed to this report.

Let me get this straight...

A federal government employee, who supposedly would have been privy to the US governments privacy and IT Security policies as part of that highly classified operation known as new employee orientation, brings home a disc containing not some, but ALL of the data on EVERY veteran alive. Then, mysteriously, a burglar enters the house and takes, allegedly among other items, that disc.

And this WASN'T a targeted burglary?

Yeah. Right.

Whoa, George as one of those conspiracy theory types!!! :D :D :p

Administrative leave my a$$, short trial, long visit to Levenworth, and restitution to any Vet.that gets ripped off.


Alan

Whoa, George as one of those conspiracy theory types!!! :D :D :p

Administrative leave my a$$, short trial, long visit to Levenworth, and restitution to any Vet.that gets ripped off.


Alan
No. More like, been there, done that.

What would you say about a bank robbery where the robber was in the passenger seat of a vehicle, no weapon shown, at the drive-thru (ballistic resistant glass-masonry walls) and the teller gives them thousands of dollars?

I know. I did, too.

That whole thing jumped out at me as well. I certainly hope the "targeted burglary" theory hasn't been totally dismissed out of hand. Something seriously stinks.

They talked about this on the radio this morning, and George, the general essance of your comments were reflected by the on-air staff. Pretty coinkydink that someone who should not have been in private possession of said records (by taking them home) should get burgled that same night.

Ohh I can see it coming! 2 years and $60 million bucks later, the investigation will end up stating "It was George Bush's fault". :D

I think I tend to agree with George on this one, something just doesn’t add up right. I don't recall them stating how many times this person took data like that home, so if this was a set pattern those other burglaries COULD have been nothing but a smoke screen. This person is a Data Analyst, which probably means he makes good money and has some pretty good technology at home, why would you waste time stealing burned CDs unless you had an idea that they had something worth stealing on them? Then again maybe he just had that disk labeled "PLEASE DON'T STEAL THIS ONE!”.

Or it simply could have been in a computer that was stolen by the burgler. I think we need some more information on this one.

Or it simply could have been in a computer that was stolen by the burgler. I think we need some more information on this one.

OI! Good point.

As a vet whose information could be on the stolen disc or computer, whichever, I am not thrilled at the prospect of my information being out there for whatever use may be in store for me and the other vets especially if it screws up my credit and robs my money. There must be some crazed computer genius out there in nerd land that could come up with some type of programming that could change data to preclude the identity theft in some manner or block the use of the data without prior authorization of the individual. My torture chamber is vacant right now so I have room for the person that took the stuff home with them.

Or it simply could have been in a computer that was stolen by the burgler. I think we need some more information on this one. There's not enough value in common home computers to make it worthwhile. Now, if someone knew this person had a "super duper" model of home computer...(oh wait, that goes back to that "targeted" thing again).

Also, thinking a little nerdy here, but a database with information on 26 million people is not something that would easily run on a common home computer.

1) I'm not buying the "common burglary" but maybe it's just something the PD are saying to throw off the guy?

2) 26 million vets should get the opportunity to personally slap the $h!t out of this person that works there and "stole" all their information. Administrative leave? Uh, you take the person that made this CD and took it home (against policy) and give them a desk job? :eek: :rolleyes:

Perhaps, but if the person had a lap top that they used to work at home, that would present a quick and easy grab for the burglar. There are some pretty powerful lap tops out there these days.

With several family members potentialy affected by this, especially with the spouses and children being added, I hope the investigators can act swiftly and put an end to this mess. (enough PC) I am also smelling a large amount of steer poo coming from this story, random burglary, YEA RIGHT!!
I wonder how much we are not being told.

George, did the teller get loaned a nice fashion accessory (stainless steel braclets)? :eek:

Alan

Hey, I'm not saying that you shouldn't be upset and that this isn't a potential nightmare for the people on the list. The information should not have been taken off site (I can't imagine that it was considered OK to do so) and that is certainly something the employee should be disciplined for.

I'm just not ready to buy into the grand conspiracy theory just yet.

One can only imagine George's bellyaching had this happened during the Clinton administration.

That being said. It is unsettling to me personally since I am one of those on the list.