Another Day, Another Data Leak
Personal information, including social security numbers, was stolen last month from the home of a VA official last month. Some 2.2 million people, including up to 80% of current active military personnel, are affected. The breakdown is 1.1 million active-duty military personnel, 430,000 National Guard members and 645,000 reserve members. The information includes names, dates of birth, and social security numbers.
One day, increasingly soon given the current rate of egregious data disclosures, anyone handling sensitive or confidential information will be required by law to encrypt it and protect it. Already, HIPAA and The Graham Leach Bliley Act place these requirements on entities that handle medical or financial information. While these are good ideas, they’re simply the first steps to providing comprehensive protection for all of everyone’s private information.
Particularly worrisome about this loss is the fact that while senior VA officials were aware of the loss within hours, it wasn’t until nearly TWO WEEKS later that the VA secretary was notified. According to the Washington Post article covering the data loss, the analyst who had the laptop and hard drive removed from his home had been taking the data for at least three years.