4Law 29/6/06 Update
VA gets stolen laptop
back
Baltimore Division, FBI
June 29, 2006
STOLEN LAPTOP AND EXTERNAL HARD
DRIVE RECOVERED
Baltimore, Maryland – The Veterans Administration OIG,
the Federal Bureau of Investigation, and the Montgomery County Police
Department announce the recovery of the stolen laptop computer and the external
hard drive taken during a burglary on May 3, 2006. The electronic equipment
contained sensitive information concerning over 26 million veterans and the
recovery of the data has been of paramount concern. The protection of the
sensitive data, and well being of those potentially affected, has made this
investigation a number one priority for the investigating agencies. A
preliminary review of the equipment by computer forensic teams determined that
the database remains intact and has not been accessed since it was stolen. A
thorough forensic examination is underway, and the results will be shared as
soon as possible. The investigation is ongoing. The Veterans Administration
OIG, the Federal Bureau of Investigation, and the Montgomery County Police
Department would like to thank the United States Park Police for their
invaluable work in this case. Their efforts led to the recovery of the
equipment.
######
Video
CBS Report/ Streaming/Save as or Open/WMP/4MB
4Law 23/6/06 Update
Whie
House Reacts To Laptop Thefts With New Security
Guidelines
White House
Office of Management and Budget Memo
4Law 13/6/06 Update
VA Computer Drive Loss May Affect Active,
Reserve Records
13/06/2006
Message from Chief of Staff,
Sergeant Major of the Army
As you are likely aware, the Department of Veterans
Affairs recently lost a computer drive with the identifying information (names,
SSNs and dates of birth) of as many as 20 million
veterans.
We now know that many active and reserve service members may be affected.
Although there is no evidence that the data has been used illegally, all
Soldiers should be extra vigilant with regard to their financial well-being.
You should closely monitor your personal financial affairs while the DoD, VA and the Military Services
work in earnest to determine the details and impacts of the compromise.
We ask that you carefully monitor your bank accounts, credit card accounts and
any other financial accounts for suspicious activity.
For more information on how to protect yourself,
contact DoD's Military One Source at
www.militaryonesource.com or 1-800-342-9647.
The Army will work to keep you informed and ensure that you are aware of the
resources available to help deal with this issue.
Peter J. Schoomaker
General, United States Army
Chief of Staff
Kenneth O. Preston
Sergeant Major of the Army
4Law 6/6/06 Update
Update - Police Ask Public to be on Lookout
for Stolen Laptop
Montgomery County Police detectives
are working in cooperation with the Federal Bureau of Investigation (FBI) and
the Department of Veterans Affairs Office of the Inspector General (VA OIG) in
the investigation into the stolen laptop and external hard drive containing
identifying information for millions of veterans.
On May 25, 2006, Montgomery County Police announced a reward of up to $50,000,
provided by the VA OIG and the FBI, for information provided through the Crime
Solvers of Montgomery County organization that leads to the recovery of the
laptop and external hard drive.
Montgomery County Police detectives have been actively disseminating this
information throughout Aspen Hill and its surrounding communities. The laptop
and external hard drive were stolen during a residential burglary that occurred
on May 3, 2006, in the Aspen Hill area.
Detectives are now asking anyone who purchased a second-hand or used Hewlett
Packard (HP) Laptop model #zv5360us or HP External Personal Media Drive, after
May 3, to call Montgomery County Crime Solvers at 1-866-411-TIPS (8477).
It is still possible that the suspect or suspects responsible for the theft did
not have knowledge of what information was stored on the hard drive, and may
have sold these items.
Anyone who may have this stolen property can turn it in anonymously and become eligible
for the reward.
4Law 29/5/06 Update
âðáú îçùá ðéùà àñåï äîéãò 21.4.01 òå"ã áåòæ âåèîï – îàîø
áàúø èëðåìåâéåú äîéãò ùì îîùìú éùøàì
• Conclusion.
• Limit the
amount of personal information stored on your personal computer.
• Files
containing personal information should be encrypted and password protected.
• Encryption
software is available at most retail stores that sell computer software.
• Make sure
computers connected to the Internet are protected with physical or software
firewalls.
• Use
passwords to protect all accounts on your personal computer.
4Law English background - Monitoring
the laptops theft probe . In Beijing University twice
filmed by the police a man stealing laptops. After statistics revealed that, in
a short period of 1 month , in Beijing University 8 similar cases of stolen
laptops, as well as 5 mobile phones stolen , the police suspected that in 2
video surveillance camera the man was probably at Beijing University in 8 cases
of stolen laptops. In May 11 2006, when the suspect again went to Beijing
University, he was arrested by Beijing police. Subsequently police searched the
suspects in Beijing, where police discovered a special version of the diary of
his girlfriend in recorded daily "income". Currently, the suspect of
the laptops theft, and his girlfriend
arrested by the Beijing police.
4Law 26/5/06
5/25/2006
$50,000 Reward Offered for Return Of Electronic Data Containing Veterans’ Information
Today, the Department of Veterans Affairs Office
of Inspector General (VA OIG) and the Federal Bureau of Investigation (FBI)
have announced a $50,000
reward through the Montgomery County Crime Solvers organization, for
information that leads to the recovery of a laptop computer and external hard
drive that contained personal information for millions of veterans.
Montgomery County Police are working with the FBI and the VA OIG in the
investigation of a residential burglary that occurred on May 3, 2006, in the
Aspen Hill community of Montgomery County. Taken during that burglary was a
laptop computer and external hard drive which contained identifying information
for approximately 26.5 million veterans.
At this stage of the investigation there is no evidence that the suspect or
suspects responsible for the theft had any knowledge of what information was
stored on the hard drive.
The primary objective of the investigation is the recovery of the laptop and
external hard drive. Anyone who can provide information that leads to the
recovery of the laptop and external hard drive that contains the veterans’ data
should call Crime Solvers of Montgomery County at 1-866-411-TIPS (8477). A cash
reward of $50,000 will be paid for information provided to the Crime Solvers
tip line that leads to the recovery of these items.
Stolen data of US veterans may cost $500m -
Data on 26.5 mln US veterans stolen
The stolen information was not encrypted or
"scrambled"
The theft of the personal
information of 26.5 million U.S. veterans may cost Americans taxpayers as much
as 500 million U.S. dollars, Veterans
Affairs Secretary Jim Nicholson said on Thursday. Testifying before the House
Committee on Veterans Affairs, Nicholson said it might cost 100 million
dollars and as much as 500 million dollars to prevent and cover potential
losses. He said there was no sign that the veterans' stolen information,
which included their names, Social Security numbers and birth dates, was being
used for fraud at the moment. The data related to veterans discharged from the
military since 1975. The department employee who had taken the data home
without authorization and had the information stolen from his residence was
placed on administrative leave, he said. Nicholson said he was "mad as hell" that
he wasn't told about the burglary until May 16, nearly two weeks after it took
place on May 3. He told the FBI on May 17 and the incident was made public on
May 22. "The
employee, a data analyst, was authorized access to sensitive VA information in
the performance of his duties and responsibilities. He said that he routinely
took such data home to work on it, and had been doing so since 2003,"
VAOIG George Opfer said during the
Thursday hearing. Opfer also laid out a string of
criticism of his agency's IT security to the Senate, repeating what he'd said
in a briefing report filed this week that said he'd noted "material
weaknesses" in the VA's security provisions since 2001. "The VA is at
risk of denial of service attacks, disruption of mission-critical systems, and
unauthorized access to sensitive data," he said at the hearing. "By
not controlling and monitoring employee access, not restricting users to only
need-to-know data, and not timely terminating accounts upon employee departure,
VA has not prevented potential risk," he went on.
Video
CBS Report/ Streaming/Save as or Open/WMP/4MB
The Theft: A Timeline
The secretary of veterans affairs and the
VA inspector general yesterday detailed the chain of events that followed the
theft of the personal information of 26.5 million veterans this month:
May 3: VA
data analyst's home burglarized. The worker reports the theft of a laptop
computer and an external drive to Montgomery County police, and to his
supervisor. Local police begin investigating.
May 10: An
information security officer for the VA inspector general learns of the theft
through an off hand comment at a routine VA meeting. The IG employee gathers
more information and submits a written report to his supervisor the next day.
May 12: The
inspector general begins a criminal investigation.
May 15:
Inspector general staff interview the data analyst.
May 16:
Inspector general staff meet with Montgomery County
police. They tell police that the personal information of millions of veterans
was stored in the stolen equipment. VA Secretary Jim Nicholson is told of the
burglary for the first time.
May 17: The
inspector general tells the FBI and an assistant U.S. attorney about the
burglary and loss of data. FBI, IG and Montgomery County police begin a joint
investigation.
May 22:
Nicholson informs members of Congress and the public.
SOURCES: Testimony of VA
Secretary Jim Nicholson, VA
Inspector General George J. Opfer, Montgomery
County police.
Fool the Media
HOUSE
COMMITTEE ON VETERANS’ AFFAIRS
Hearing on Failure of VA’s Information Management
R. James Nicholson in his Testimony
Honorable R.
James Nicholson
Secretary of Veterans Affairs
Honorable George J. Opfer
Inspector General
Department of Veterans Affairs
Information on Veterans Affairs Data Security Issue
Latest Information on Veterans Affairs Data
Security
Fool the Media
$50,000 Reward for the
data? So what?
http://www.computerworld.com/blogs/node/2623
Fool the Media
"All
Russia on 1 Disk" - FSB on the Federal Tax
Service Hacking Case
4Law
English Background 4/2/06
In Moscow are detained more than 10 suspects
in distribution and illegal production of computer disks with data of the
federal tax service - disks were on free sale. Inspectors are assured, that the information has been stolen. The main
question - who has organized this huge hacking ? A
disk was sold for 3000 roubles in the market it was
possible to buy practically any database – "All Russia on 1 Disk". Now, FSB sais, it will be more difficultly. Basics FSB Memo - `With policemen
detained a number of persons involved in illegal purchase,
manufacture of large parties of electronic data containing database with
data, commercial, tax and bank secret. For mass duplicating the specified
database tens thousand electronic copies
prepared for sale.Operation actions are
simultaneously lead in key points of selling, apartments and in other
established premises where it was the illegal production .Suppression of
activity of the facts of distribution of databases about incomes of
physical persons.The mentioned data according to item
102 of the Tax code of the Russian Federation make tax secret. The specified
information files are comprised by the data presumably stolen from systems of
personified account FTS of Russia and is possible other bodies of the financial
control.Investigation is ongoing...` - Federal Tax Service
Site - English Side