JAGO
10-02-2009, 07:01
http://federalnewsradio.com/?nid=35&sid=1776271
National Archives IG investigates possible data breach affecting millions of vets
October 2, 2009
By Jason Miller
and Dorothy Ramienski
FederalNewsRadio
The inspector general of the National Archives and Records Administration is investigating a potential data breach affecting tens of millions of records about U.S. military veterans.
The issue involves a defective hard drive the agency sent back to its vendor for repair and recycling without first destroying the data on it.
The investigation began in November 2008, and the IG reported the issue to NARA senior management in September, according to a document provided to FederalNewsRadio by NARA.
The potential breach could include names, military identification and social security numbers and other personal information.
Wired.com first reported the potential breach.
The hard drive helped power eVetRecs, the system used by vets to get copies of their records and discharge papers.
The lost drive incident was first reported to NARA's IG by a NARA IT manager, who says this puts over 70 million vets at risk of identity theft, among other problems.
NARA countered that by saying the lost drive is not a problem because of privacy promises signed by contractors.
"Accordingly, NARA does not believe that a breach of personal identifiable information occurred, and therefore does not believe that notification is necessary or appropriate at this time," NARA states in the document.
NARA's chief information officer says it launched its own internal investigation and found:
Only authorized individuals and contractors had access to the disk;
The contract included appropriate privacy protection requirements, which also applied to all subcontractors;
There is no evidence that the contractors that handled the disk engaged in improper activity;
The disk was determined by experts to be inoperable and not feasible to repair.
A NARA IG spokesman says the investigation still is ongoing and there is no timetable for it to be completed.
---
On the Web:
NARA -- Background on Defective November 2008 CMRS Hard Disk Drive
(Copyright 2009 by FederalNewsRadio.com. All Rights Reserved.)
back
National Archives IG investigates possible data breach affecting millions of vets
October 2, 2009
By Jason Miller
and Dorothy Ramienski
FederalNewsRadio
The inspector general of the National Archives and Records Administration is investigating a potential data breach affecting tens of millions of records about U.S. military veterans.
The issue involves a defective hard drive the agency sent back to its vendor for repair and recycling without first destroying the data on it.
The investigation began in November 2008, and the IG reported the issue to NARA senior management in September, according to a document provided to FederalNewsRadio by NARA.
The potential breach could include names, military identification and social security numbers and other personal information.
Wired.com first reported the potential breach.
The hard drive helped power eVetRecs, the system used by vets to get copies of their records and discharge papers.
The lost drive incident was first reported to NARA's IG by a NARA IT manager, who says this puts over 70 million vets at risk of identity theft, among other problems.
NARA countered that by saying the lost drive is not a problem because of privacy promises signed by contractors.
"Accordingly, NARA does not believe that a breach of personal identifiable information occurred, and therefore does not believe that notification is necessary or appropriate at this time," NARA states in the document.
NARA's chief information officer says it launched its own internal investigation and found:
Only authorized individuals and contractors had access to the disk;
The contract included appropriate privacy protection requirements, which also applied to all subcontractors;
There is no evidence that the contractors that handled the disk engaged in improper activity;
The disk was determined by experts to be inoperable and not feasible to repair.
A NARA IG spokesman says the investigation still is ongoing and there is no timetable for it to be completed.
---
On the Web:
NARA -- Background on Defective November 2008 CMRS Hard Disk Drive
(Copyright 2009 by FederalNewsRadio.com. All Rights Reserved.)
back