Veteran Affairs Laptop

Just got this info in an e-mail at work. Yes, I'm one that was affected, as well as several others here that had to also be affected.

The VA laptop that was stolen has apparently been recovered... no evidence that any personal information was accessed. Please share this CNN news link as appropriate.

http://www.cnn.com/2006/US/06/29/vets.security.ap/index.html

VA laptop recovered; FBI says data not accessed

Thursday, June 29, 2006; Posted: 1:11 p.m. EDT (17:11 GMT)


Veterans Affairs Secretary Jim Nicholson said Thursday there had been no reports of identity theft stemming from the May 3 burglary.

WASHINGTON (AP) -- The government has recovered a stolen laptop computer and hard drive with sensitive data on up to 26.5 million veterans and military personnel.

The FBI said Thursday there is no evidence that anyone accessed Social Security numbers and other data on the equipment.

Veterans Affairs Secretary Jim Nicholson, in announcing the recovery of the computer, said there have been no reports of identity theft stemming from the May 3 burglary at a VA employee's Maryland home.

The FBI, in a statement from its Baltimore field office, said a preliminary review of the equipment by its computer forensic teams "has determined that the data base remains intact and has not been accessed since it was stolen." More tests were planned, however.

Nicholson said the laptop and hard drive were turned in to the FBI. No suspects were in custody.

"This has brought to the light of day some real deficiencies in the manner we handled personal data," Nicholson said. "If there's a redeeming part of this, I think we can turn this around," he said.

An unidentified person turned the laptop in Wednesday to FBI agents in Baltimore, according to Michelle Crnkovich, a spokeswoman for the Baltimore FBI field office.

Agents there conducted the initial forensic examination and were sending the laptop to the FBI in Washington for further tests, Crnkovich said.

Crnkovich said the tipster who turned in the laptop has not been charged and likely was not the thief. She said the FBI still believes the laptop was taken in a routine burglary and that the VA data was not the target. She did not know if the tipster was eligible for the $50,000 reward offered for information on the laptop's whereabouts.

Nicholson urged veterans to keep watch over their financial records until more tests are completed in the coming days. The VA's offer of free credit monitoring for a year is still in effect until subsequent tests are completed, he said.

Newly discovered documents show that the VA analyst blamed for losing the laptop had received permission to work from home with data that included millions of Social Security numbers and other personal information on veterans and military personnel.
 

Producer

I got the notice last month. And I only did security consulting work for the US Navy back in '91. Glad to see it turned in.
 
Rating - 0%
0   0   0
Joined
May 1, 2005
Messages
4,530
Likes
19
Location
Somerville, MA
That's got to be a relief. Though if you think about it, they're advertising that the credit watch is only being offered for a year. If somebody had taken those SSNs etc. they'd only have to wait 366 days to start trying out the info figuring that a decent chunk of those affected were feeling safe since nothing had happened...
 

MrsWildweasel

All 4 of us here had gotten the notification. Yes, I'm glad they found it and I still believe the jerk needs to be strung up. Good lord, what an idiot.
 

Len-2A Training

No saying that someone didn't copy the data to be used later. Realizing that the machine was "hot", they probably dumped the laptop. But they could well have retained the valuable data to do damage with.

What's most interesting is that the companies or gov't agencies who are so sloppy with folks' personal info are relatively impervious to damages that they so justly deserve!

We're victims of the ex-DEC/Compaq/HP retirees/ex-employees data that was stolen. We got nice letters, we can sign up for credit watch by giving up more of our personal data to third parties, meanwhile we can sweat but the company responsible goes on their merry way of doing business (employee took the laptop home with >50K employee data on it).
 

Len-2A Training

Sue,

Nowhere near the end! These are just a few small "tips of the iceberg". Lots more stupidity where these came from.
 
Rating - 100%
49   0   0
Joined
Jun 7, 2005
Messages
23,187
Likes
995
Location
The Land of Confusion and Pissed off!
You know what's funny. We're running the Medicare Claims network. If you're on Medicare, and have an issue and call in, chances are you're calling our office.

We had to encrypt our whole network. And I mean it really slowed everything down. We had to encrypt our backup jobs.

If you have a laptop and you keep PHI data, or personal data. Any addresses, phone numbers, SSNs, anything that has to do with ANYONE, even if you have a home phone number for a coworker in an e-mail. You have to encrypt your hard drive.

If you take your laptop home with you...which most of us do. You can't leave it in your car. If you stop at Shaw's on the way home. You have to take your laptop into the grocery with you. If you stop off at 99 for a beer after work, you have to take your laptop with you. If you go into the bathroom, you have to take your laptop with you. You can't ask ANYONE to watch your laptop while you step out. Even a co-worker.

This is all set forth by our CMS/Medicare Security Team.

It's amazing that we're more stringent than the United States Government's security policies.
 

Chris

I just love the way the media is spinning the story.

"FBI says that data had not been accessed. Although a sophisticated user could have copied the data without leaving any evidence."

Um... Perhaps for a dufus like the average journalist it would look like a really sophisticated user, but somehow booting in DOS mode and typing "copy XYX PDQ" doesn't seem all that sophisticated to me.
 

Len-2A Training

It's amazing that we're more stringent than the United States Government's security policies.
C-pher,

Gov't makes the rules for EVERYONE ELSE to follow. They don't have to follow any rules themselves!
 

MrsWildweasel

Irony is I know the crap we had to go through in the Army, working on the site we worked at. Then again we fell under someone else too, just wore the Army green.
 

hminsky

Chris said:
I just love the way the media is spinning the story.

"FBI says that data had not been accessed. Although a sophisticated user could have copied the data without leaving any evidence."

Um... Perhaps for a dufus like the average journalist it would look like a really sophisticated user, but somehow booting in DOS mode and typing "copy XYX PDQ" doesn't seem all that sophisticated to me.

I was assuming that the filesystem has a timestamp for the last time each file is accessed. Not that you couldn't modify that, but it would take some care to cover your tracks. Assuming that the people who do forensic analysis on these things are really top notch they would be able to dissect the filesystem and find this kind of evidence .... however that is not necessarily a valid assumption.
 

Producer

GLBA, SOX, DoD 8100, and HIPAA are not technical, and do not define a strict set of rules. They are general rules. A bunch of overpaid talentless consultants are hired to throw out random policies to thousands of individual departments in various locations.

Which, I say right now, will be HUGE in about five years when people figure out all the security shit rules we did were a total waste of time. We need strict rules; i.e. "1) All documents must be stored in 3DES on all laptops." "2) Laptops should never contain more than 1,000 records of sensitive data when on the road."

A simple rule should be the goal of all of these so-called government standards. It is not. So the consultant that lost his laptop will get away from prosecution.

Sorry for my rant.
 
Rating - 100%
49   0   0
Joined
Jun 7, 2005
Messages
23,187
Likes
995
Location
The Land of Confusion and Pissed off!
hminsky said:
I was assuming that the filesystem has a timestamp for the last time each file is accessed. Not that you couldn't modify that, but it would take some care to cover your tracks. Assuming that the people who do forensic analysis on these things are really top notch they would be able to dissect the filesystem and find this kind of evidence .... however that is not necessarily a valid assumption.

Or you just get a copy of Norton Ghost. Take a complete image of the whole laptop. Give it back...it doesn't look like anything was done...because it really wasn't...

Then just put the image on another PC and start working with it...simple as that.
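
Added example (not part of any post in this thread): a minimal triage pass over the file timestamps discussed in the two posts above, reporting every file whose access, modify or change time falls between the burglary and the recovery. The window dates come from the article; the times of day, the function names and the sample files are assumptions made for the illustration.

```python
import os
import tempfile
from datetime import datetime, timezone


def day(y, m, d):
    """Midnight UTC of a date as a POSIX timestamp (time of day is assumed)."""
    return datetime(y, m, d, tzinfo=timezone.utc).timestamp()


# Window taken from the article's dates: burglary May 3, 2006; laptop
# turned in Wednesday, June 28, 2006 (window closes at the end of that day).
STOLEN, RECOVERED = day(2006, 5, 3), day(2006, 6, 29)


def touched_in_window(root, start=STOLEN, end=RECOVERED):
    """Return {relative path: [names of timestamps inside the window]}.

    Run it against a read-only copy of the evidence. An empty result is
    not proof of non-access: a sector-level image of the drive, as the
    post above describes, changes none of these fields.
    """
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow symlinks out of the tree
            stamps = {"atime": st.st_atime, "mtime": st.st_mtime, "ctime": st.st_ctime}
            inside = sorted(k for k, v in stamps.items() if start <= v < end)
            if inside:
                hits[os.path.relpath(path, root)] = inside
    return hits


def demo():
    """Scan a constructed tree; file names and times are made up."""
    sample = {  # name -> (atime, mtime)
        "vets.db": (day(2006, 5, 1), day(2006, 4, 20)),    # untouched since before theft
        "notes.txt": (day(2006, 5, 10), day(2006, 4, 2)),  # read while missing
        "export.csv": (day(2006, 6, 1), day(2006, 6, 1)),  # written while missing
    }
    with tempfile.TemporaryDirectory() as root:
        for name, times in sample.items():
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.utime(path, times)  # sets atime and mtime; ctime becomes "now"
        return touched_in_window(root)


if __name__ == "__main__":
    for path, fields in sorted(demo().items()):
        print(path, fields)
```

A hit shows that something touched the file while the laptop was missing; no hits only shows that nothing went through the mounted filesystem in a way that updated these fields.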
 

Producer

C-pher said:
Or you just get a copy of Norton Ghost. Take a complete image of the whole laptop. Give it back...it doesn't look like anything was done...because it really wasn't...

Then just put the image on another PC and start working with it...simple as that.

An opossum just walked over my grave.

No wait, they got it back, it's all OK now.
 

hminsky

C-pher said:
Or you just get a copy of Norton Ghost. Take a complete image of the whole laptop. Give it back...it doesn't look like anything was done...because it really wasn't...

Then just put the image on another PC and start working with it...simple as that.
The firmware in ATA hard drives actually keeps a persistent rolling log on the disk of some exceptional events, timestamped by the number of milliseconds since last power on. I don't know if that could be analyzed to correlate out anything about whether the disk had been read since a certain date or not though.
 

Producer

I know the last "power on" in the firmware. The OS does that also. I am pretty sure there is no easy way to know if it was copied.

Either way they probably started it up to see if the data was still there. I have no faith.
 