UPDATE: Stolen VA Laptop Recovered - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Hardware & Infrastructure

UPDATE: Stolen VA Laptop Recovered

Recovery of the equipment capped off a month of policy and personnel changes following the computer's theft.

When Veterans Affairs Department Secretary James Nicholson said Thursday that the infamous laptop and hard drive stolen from a VA employee's Maryland home last month had been recovered, the announcement capped a monthlong uproar over the state of data security in the federal government. Nicholson made his announcement during a House Committee on Veterans Affairs hearing to update legislators on the breach of 26.5 million records containing sensitive information on veterans and their spouses, which took place May 3 but wasn't made public until the end of the month.

After the theft, the VA hired forensic experts to determine how many records had been compromised. The next step was to implement a series of personnel changes in the Office of Policy and Planning, where the breach occurred, Gordon Mansfield, deputy secretary of Veterans Affairs, testified Thursday before the House committee. Nicholson also pushed for all VA employees to take cyber-security awareness and privacy awareness training by the end of June.

The VA's initial response to the data loss was to mail more than 17.5 million letters advising those affected of the data loss and providing them with contact information if they had questions. The department was in the process of issuing a request for proposals to vendors capable of providing credit monitoring to victims of the theft when it announced the stolen laptop had resurfaced.

Last week, the Federal District Court in Kentucky, which is hearing one of the class action lawsuits resulting from the data theft, issued a temporary restraining order barring the government from publicizing free credit monitoring services to veterans whose personal data was stolen. This court case also placed on hold the department's plans to perform a security review of all VA laptops, Mansfield testified. The department is now awaiting guidance from the courts.

Nicholson also directed the VA to conduct an inventory of all positions requiring access to sensitive VA data by August 31 to ensure that only those employees who need such access to do their jobs have it. "And we will be developing the procedures necessary to assure that employees have an appropriate level of background check in place, and that those be updated on a regular basis," Mansfield testified. "For example, the employee from whom data was stolen had not had a background investigation for 32 years."

The Veterans Administration Inspector General, Federal Bureau of Investigation, and Montgomery County Police Department collaborated to find the stolen computer equipment. A preliminary review of the equipment by computer forensic teams determined that the database remains intact and has not been accessed since it was stolen, the FBI said in a statement, adding that the investigation into the theft is ongoing. The computer was turned in Wednesday by an unidentified person. An FBI spokesperson said that the person had not been charged and was not a suspect in the burglary.

The theft was the biggest of several data thefts and hacks that the federal government has endured in the past month. In May, an Internal Revenue Service employee lost an agency laptop that contained sensitive personal information on 291 workers and job applicants. In late June the Agriculture Department revealed that a hacker had broken into its network and stolen names, Social Security numbers, and photos of 26,000 employees and contractors in the Washington area. On June 22 the Federal Trade Commission said two laptops with personally identifiable info on 110 people was stolen from a locked vehicle. That same day, the Navy said it was investigating how Social Security numbers and other personal data for 28,000 sailors and family members wound up on a civilian Web site.

But none of these had the impact of the colossal score a thief had perpetrated against the VA. It was a situation that called into question the government's policies toward handling sensitive data and how well employees know, and adhere to, those policies.

"This theft of VA data has been a wake up call to all of us--at VA and in government in general," Mansfield added.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll