4Law 29/6/06 Update
VA gets stolen laptop back
Baltimore Division, FBI
June 29, 2006
STOLEN LAPTOP AND EXTERNAL HARD DRIVE RECOVERED
Baltimore, Maryland – The Veterans Administration OIG, the Federal Bureau of Investigation, and the Montgomery County Police Department announce the recovery of the stolen laptop computer and the external hard drive taken during a burglary on May 3, 2006. The electronic equipment contained sensitive information concerning over 26 million veterans and the recovery of the data has been of paramount concern. The protection of the sensitive data, and well being of those potentially affected, has made this investigation a number one priority for the investigating agencies. A preliminary review of the equipment by computer forensic teams determined that the database remains intact and has not been accessed since it was stolen. A thorough forensic examination is underway, and the results will be shared as soon as possible. The investigation is ongoing. The Veterans Administration OIG, the Federal Bureau of Investigation, and the Montgomery County Police Department would like to thank the United States Park Police for their invaluable work in this case. Their efforts led to the recovery of the equipment.
4Law 23/6/06 Update
Whie House Reacts To Laptop Thefts With New Security Guidelines
4Law 13/6/06 Update
VA Computer Drive Loss May Affect Active, Reserve Records
Message from Chief of Staff, Sergeant Major of the Army
As you are likely aware, the Department of Veterans
Affairs recently lost a computer drive with the identifying information (names,
SSNs and dates of birth) of as many as 20 million
We now know that many active and reserve service members may be affected. Although there is no evidence that the data has been used illegally, all Soldiers should be extra vigilant with regard to their financial well-being.
You should closely monitor your personal financial affairs while the DoD, VA and the Military Services work in earnest to determine the details and impacts of the compromise.
We ask that you carefully monitor your bank accounts, credit card accounts and any other financial accounts for suspicious activity.
For more information on how to protect yourself, contact DoD's Military One Source at www.militaryonesource.com or 1-800-342-9647.
The Army will work to keep you informed and ensure that you are aware of the resources available to help deal with this issue.
Peter J. Schoomaker
General, United States Army
Chief of Staff
Kenneth O. Preston
Sergeant Major of the Army
4Law 6/6/06 Update
Update - Police Ask Public to be on Lookout for Stolen Laptop
Montgomery County Police detectives
are working in cooperation with the Federal Bureau of Investigation (FBI) and
the Department of Veterans Affairs Office of the Inspector General (VA OIG) in
the investigation into the stolen laptop and external hard drive containing
identifying information for millions of veterans.
On May 25, 2006, Montgomery County Police announced a reward of up to $50,000, provided by the VA OIG and the FBI, for information provided through the Crime Solvers of Montgomery County organization that leads to the recovery of the laptop and external hard drive.
Montgomery County Police detectives have been actively disseminating this information throughout Aspen Hill and its surrounding communities. The laptop and external hard drive were stolen during a residential burglary that occurred on May 3, 2006, in the Aspen Hill area.
Detectives are now asking anyone who purchased a second-hand or used Hewlett Packard (HP) Laptop model #zv5360us or HP External Personal Media Drive, after May 3, to call Montgomery County Crime Solvers at 1-866-411-TIPS (8477).
It is still possible that the suspect or suspects responsible for the theft did not have knowledge of what information was stored on the hard drive, and may have sold these items.
Anyone who may have this stolen property can turn it in anonymously and become eligible for the reward.
4Law 29/5/06 Update
• Conclusion. • Limit the
amount of personal information stored on your personal computer. • Files
containing personal information should be encrypted and password protected. • Encryption
software is available at most retail stores that sell computer software. • Make sure
computers connected to the Internet are protected with physical or software
firewalls. • Use
passwords to protect all accounts on your personal computer.
4Law English background - Monitoring the laptops theft probe . In Beijing University twice filmed by the police a man stealing laptops. After statistics revealed that, in a short period of 1 month , in Beijing University 8 similar cases of stolen laptops, as well as 5 mobile phones stolen , the police suspected that in 2 video surveillance camera the man was probably at Beijing University in 8 cases of stolen laptops. In May 11 2006, when the suspect again went to Beijing University, he was arrested by Beijing police. Subsequently police searched the suspects in Beijing, where police discovered a special version of the diary of his girlfriend in recorded daily "income". Currently, the suspect of the laptops theft, and his girlfriend arrested by the Beijing police.
$50,000 Reward Offered for Return Of Electronic Data Containing Veterans’ Information
Today, the Department of Veterans Affairs Office
of Inspector General (VA OIG) and the Federal Bureau of Investigation (FBI)
have announced a $50,000
reward through the Montgomery County Crime Solvers organization, for
information that leads to the recovery of a laptop computer and external hard
drive that contained personal information for millions of veterans.
Montgomery County Police are working with the FBI and the VA OIG in the investigation of a residential burglary that occurred on May 3, 2006, in the Aspen Hill community of Montgomery County. Taken during that burglary was a laptop computer and external hard drive which contained identifying information for approximately 26.5 million veterans.
At this stage of the investigation there is no evidence that the suspect or suspects responsible for the theft had any knowledge of what information was stored on the hard drive.
The primary objective of the investigation is the recovery of the laptop and external hard drive. Anyone who can provide information that leads to the recovery of the laptop and external hard drive that contains the veterans’ data should call Crime Solvers of Montgomery County at 1-866-411-TIPS (8477). A cash reward of $50,000 will be paid for information provided to the Crime Solvers tip line that leads to the recovery of these items.
Stolen data of US veterans may cost $500m - Data on 26.5 mln US veterans stolen
The stolen information was not encrypted or "scrambled"
The theft of the personal information of 26.5 million U.S. veterans may cost Americans taxpayers as much as 500 million U.S. dollars, Veterans Affairs Secretary Jim Nicholson said on Thursday. Testifying before the House Committee on Veterans Affairs, Nicholson said it might cost 100 million dollars and as much as 500 million dollars to prevent and cover potential losses. He said there was no sign that the veterans' stolen information, which included their names, Social Security numbers and birth dates, was being used for fraud at the moment. The data related to veterans discharged from the military since 1975. The department employee who had taken the data home without authorization and had the information stolen from his residence was placed on administrative leave, he said. Nicholson said he was "mad as hell" that he wasn't told about the burglary until May 16, nearly two weeks after it took place on May 3. He told the FBI on May 17 and the incident was made public on May 22. "The employee, a data analyst, was authorized access to sensitive VA information in the performance of his duties and responsibilities. He said that he routinely took such data home to work on it, and had been doing so since 2003," VAOIG George Opfer said during the Thursday hearing. Opfer also laid out a string of criticism of his agency's IT security to the Senate, repeating what he'd said in a briefing report filed this week that said he'd noted "material weaknesses" in the VA's security provisions since 2001. "The VA is at risk of denial of service attacks, disruption of mission-critical systems, and unauthorized access to sensitive data," he said at the hearing. "By not controlling and monitoring employee access, not restricting users to only need-to-know data, and not timely terminating accounts upon employee departure, VA has not prevented potential risk," he went on.
The Theft: A Timeline
The secretary of veterans affairs and the VA inspector general yesterday detailed the chain of events that followed the theft of the personal information of 26.5 million veterans this month:
May 3: VA data analyst's home burglarized. The worker reports the theft of a laptop computer and an external drive to Montgomery County police, and to his supervisor. Local police begin investigating.
May 10: An information security officer for the VA inspector general learns of the theft through an off hand comment at a routine VA meeting. The IG employee gathers more information and submits a written report to his supervisor the next day.
May 12: The inspector general begins a criminal investigation.
May 15: Inspector general staff interview the data analyst.
May 16: Inspector general staff meet with Montgomery County police. They tell police that the personal information of millions of veterans was stored in the stolen equipment. VA Secretary Jim Nicholson is told of the burglary for the first time.
May 17: The inspector general tells the FBI and an assistant U.S. attorney about the burglary and loss of data. FBI, IG and Montgomery County police begin a joint investigation.
May 22: Nicholson informs members of Congress and the public.
Fool the Media
COMMITTEE ON VETERANS’ AFFAIRS
Hearing on Failure of VA’s Information Management
R. James Nicholson in his Testimony
Honorable R. James Nicholson
Secretary of Veterans Affairs
Honorable George J. Opfer
Department of Veterans Affairs
Fool the Media
$50,000 Reward for the data? So what?
Fool the Media
"All Russia on 1 Disk" - FSB on the Federal Tax Service Hacking Case
4Law English Background 4/2/06
In Moscow are detained more than 10 suspects
in distribution and illegal production of computer disks with data of the
federal tax service - disks were on free sale. Inspectors are assured, that the information has been stolen. The main
question - who has organized this huge hacking ? A
disk was sold for 3000 roubles in the market it was
possible to buy practically any database – "All Russia on 1 Disk". Now, FSB sais, it will be more difficultly. Basics FSB Memo - `With policemen
detained a number of persons involved in illegal purchase,
manufacture of large parties of electronic data containing database with
data, commercial, tax and bank secret. For mass duplicating the specified
database tens thousand electronic copies
prepared for sale.Operation actions are
simultaneously lead in key points of selling, apartments and in other
established premises where it was the illegal production .Suppression of
activity of the facts of distribution of databases about incomes of
physical persons.The mentioned data according to item
102 of the Tax code of the Russian Federation make tax secret. The specified
information files are comprised by the data presumably stolen from systems of
personified account FTS of Russia and is possible other bodies of the financial
control.Investigation is ongoing...` - Federal Tax Service
Site - English Side