In a shocking illustration of the truism that more integrated databases make for larger and more lucrative honeypots/ disaster magnets, the data of approximately 26.5 million US veterans was stolen recently. A Veterans' Affairs employee disregarded security protocols and took a laptop with sensitive data home, then the laptop was taken during a burglary at the employee's residence. Information stolen included the veterans' Social Security numbers, birthdates and in some cases a disability rating.
Using this information, sophisticated criminals could obtain credit reports, bank and credit card accounts and place of residence information to complete many or all of the requirements for identity theft. That in turn enables all kinds of fraud schemes that can do irreparable damage to individuals' credit ratings and finances.
Identity theft has become a serious problem in the USA. America has far fewer limits concerning the private or public collection, trade and custody of individuals' personal data, and there is little apparent liability for its misuse or associated negligence. The Direct Marketing Association and credit lobbies have been very effective, and consumers have been big, big losers in the bargain. This is just the latest of a series of major incidents, and it is unusual only in that it is an entirely public sector SNAFU.
Unfortunately, this particular incident has been compounded by questionable official actions...
The systems in question have been the subject of critical Inspector General security reports since 2001. Worse, Veterans' Affairs was notified of the potential problem immediately, but reportedly waited almost 2 weeks to contact law enforcement.
The US Senate and House Veterans' Affairs Committees will both be holding hearings on the data theft over the next little while. Expect a lot of shouting. Which, in this case, seems eminently justified.
Meanwhile, a Veterans' Affairs agent told Federal Computer Weekly that veterans need to monitor credit card activity and check with credit reporting agencies in order to spot identity theft. If it does occur, veterans should file a police report as well as a report to the Federal Trade Commission's identity theft Web site. Rep. John Salazar [D-CO] has even introduced legislation on May 23, 2006 to provide free credit monitoring and credit reports for veterans and others affected, plus appropriate notification procedures if a theft occurs.
Folks who are truly serious about helping out here might consider pushing for serious reform - which would include major reforms to a credit agency process that is anything but transparent, and deliberately consumer hostile when it comes to disputes, challenges, etc. It's precisely because of this stacked nature that identity theft is such a nightmare, and its consequences so lasting. For all the kerfuffle about the bankruptcy bill last year, the most significant ground for a reform that would truly help a lot of low-income people lies right here. Just don't expect much help from the Morans of the world [D-MBNA]....