4Law 29/6/06 Update

 

VA gets stolen laptop back

 

 

Baltimore Division, FBI



June 29, 2006

 

STOLEN LAPTOP AND EXTERNAL HARD DRIVE RECOVERED

 

Baltimore, Maryland The Veterans Administration OIG, the Federal Bureau of Investigation, and the Montgomery County Police Department announce the recovery of the stolen laptop computer and the external hard drive taken during a burglary on May 3, 2006. The electronic equipment contained sensitive information concerning over 26 million veterans and the recovery of the data has been of paramount concern. The protection of the sensitive data, and well being of those potentially affected, has made this investigation a number one priority for the investigating agencies. A preliminary review of the equipment by computer forensic teams determined that the database remains intact and has not been accessed since it was stolen. A thorough forensic examination is underway, and the results will be shared as soon as possible. The investigation is ongoing. The Veterans Administration OIG, the Federal Bureau of Investigation, and the Montgomery County Police Department would like to thank the United States Park Police for their invaluable work in this case. Their efforts led to the recovery of the equipment.

 

######

 

Baltimore Division, FBI

 

 

Video CBS Report/ Streaming/Save as or Open/WMP/4MB

 

4Law 23/6/06 Update

 

Whie House Reacts To Laptop Thefts With New Security Guidelines

 

White House Office of Management and Budget Memo

 

4Law 13/6/06 Update

 

VA Computer Drive Loss May Affect Active, Reserve Records

 

13/06/2006

 

Message from Chief of Staff, Sergeant Major of the Army

 

As you are likely aware, the Department of Veterans Affairs recently lost a computer drive with the identifying information (names, SSNs and dates of birth) of as many as 20 million veterans.

We now know that many active and reserve service members may be affected. Although there is no evidence that the data has been used illegally, all Soldiers should be extra vigilant with regard to their financial well-being.

You should closely monitor your personal financial affairs while the DoD, VA and the Military Services work in earnest to determine the details and impacts of the compromise.

We ask that you carefully monitor your bank accounts, credit card accounts and any other financial accounts for suspicious activity.

For more information on how to protect yourself, contact DoD's Military One Source at www.militaryonesource.com or 1-800-342-9647.

The Army will work to keep you informed and ensure that you are aware of the resources available to help deal with this issue.

 

Peter J. Schoomaker
General, United States Army
Chief of Staff

Kenneth O. Preston
Sergeant Major of the Army

 

4Law 6/6/06 Update

 

Update - Police Ask Public to be on Lookout for Stolen Laptop

 

Montgomery County Police detectives are working in cooperation with the Federal Bureau of Investigation (FBI) and the Department of Veterans Affairs Office of the Inspector General (VA OIG) in the investigation into the stolen laptop and external hard drive containing identifying information for millions of veterans.

On May 25, 2006, Montgomery County Police announced a reward of up to $50,000, provided by the VA OIG and the FBI, for information provided through the Crime Solvers of Montgomery County organization that leads to the recovery of the laptop and external hard drive.

Montgomery County Police detectives have been actively disseminating this information throughout Aspen Hill and its surrounding communities. The laptop and external hard drive were stolen during a residential burglary that occurred on May 3, 2006, in the Aspen Hill area.

Detectives are now asking anyone who purchased a second-hand or used Hewlett Packard (HP) Laptop model #zv5360us or HP External Personal Media Drive, after May 3, to call Montgomery County Crime Solvers at 1-866-411-TIPS (8477).

It is still possible that the suspect or suspects responsible for the theft did not have knowledge of what information was stored on the hard drive, and may have sold these items.

Anyone who may have this stolen property can turn it in anonymously and become eligible for the reward.

 

LEHB:lehb

 

4Law 29/5/06 Update

 

 

Stolen Laptop Information Disaster Hebrew Article by Boaz Guttman Adv. 21/4/01 Israeli Government Tech Site

 

21.4.01 "

 

Conclusion.

Limit the amount of personal information stored on your personal computer.

Files containing personal information should be encrypted and password protected.

Encryption software is available at most retail stores that sell computer software.

Make sure computers connected to the Internet are protected with physical or software firewalls.

Use passwords to protect all accounts on your personal computer.

 

 

4Law English background - Monitoring the laptops theft probe . In Beijing University twice filmed by the police a man stealing laptops. After statistics revealed that, in a short period of 1 month , in Beijing University 8 similar cases of stolen laptops, as well as 5 mobile phones stolen , the police suspected that in 2 video surveillance camera the man was probably at Beijing University in 8 cases of stolen laptops. In May 11 2006, when the suspect again went to Beijing University, he was arrested by Beijing police. Subsequently police searched the suspects in Beijing, where police discovered a special version of the diary of his girlfriend in recorded daily "income". Currently, the suspect of the laptops theft, and his girlfriend arrested by the Beijing police.

 

4Law 26/5/06

 

26 million veterans' personal information in laptop - stolen

 

5/25/2006

 

$50,000 Reward Offered for Return Of Electronic Data Containing Veterans Information

 

Today, the Department of Veterans Affairs Office of Inspector General (VA OIG) and the Federal Bureau of Investigation (FBI) have announced a $50,000 reward through the Montgomery County Crime Solvers organization, for information that leads to the recovery of a laptop computer and external hard drive that contained personal information for millions of veterans.

Montgomery County Police are working with the FBI and the VA OIG in the investigation of a residential burglary that occurred on May 3, 2006, in the Aspen Hill community of Montgomery County. Taken during that burglary was a laptop computer and external hard drive which contained identifying information for approximately 26.5 million veterans.

At this stage of the investigation there is no evidence that the suspect or suspects responsible for the theft had any knowledge of what information was stored on the hard drive.
The primary objective of the investigation is the recovery of the laptop and external hard drive. Anyone who can provide information that leads to the recovery of the laptop and external hard drive that contains the veterans data should call Crime Solvers of Montgomery County at 1-866-411-TIPS (8477). A cash reward of $50,000 will be paid for information provided to the Crime Solvers tip line that leads to the recovery of these items.

 

LHB/EMB

 

 

 

Stolen data of US veterans may cost $500m - Data on 26.5 mln US veterans stolen

 

The stolen information was not encrypted or "scrambled"

The theft of the personal information of 26.5 million U.S. veterans may cost Americans taxpayers as much as 500 million U.S. dollars, Veterans Affairs Secretary Jim Nicholson said on Thursday. Testifying before the House Committee on Veterans Affairs, Nicholson said it might cost 100 million dollars and as much as 500 million dollars to prevent and cover potential losses. He said there was no sign that the veterans' stolen information, which included their names, Social Security numbers and birth dates, was being used for fraud at the moment. The data related to veterans discharged from the military since 1975. The department employee who had taken the data home without authorization and had the information stolen from his residence was placed on administrative leave, he said. Nicholson said he was "mad as hell" that he wasn't told about the burglary until May 16, nearly two weeks after it took place on May 3. He told the FBI on May 17 and the incident was made public on May 22. "The employee, a data analyst, was authorized access to sensitive VA information in the performance of his duties and responsibilities. He said that he routinely took such data home to work on it, and had been doing so since 2003," VAOIG George Opfer said during the Thursday hearing. Opfer also laid out a string of criticism of his agency's IT security to the Senate, repeating what he'd said in a briefing report filed this week that said he'd noted "material weaknesses" in the VA's security provisions since 2001. "The VA is at risk of denial of service attacks, disruption of mission-critical systems, and unauthorized access to sensitive data," he said at the hearing. "By not controlling and monitoring employee access, not restricting users to only need-to-know data, and not timely terminating accounts upon employee departure, VA has not prevented potential risk," he went on.

 

 

 

Video CBS Report/ Streaming/Save as or Open/WMP/4MB

 

 

The Theft: A Timeline

 

 

 

The secretary of veterans affairs and the VA inspector general yesterday detailed the chain of events that followed the theft of the personal information of 26.5 million veterans this month:

May 3: VA data analyst's home burglarized. The worker reports the theft of a laptop computer and an external drive to Montgomery County police, and to his supervisor. Local police begin investigating.

May 10: An information security officer for the VA inspector general learns of the theft through an off hand comment at a routine VA meeting. The IG employee gathers more information and submits a written report to his supervisor the next day.

May 12: The inspector general begins a criminal investigation.

May 15: Inspector general staff interview the data analyst.

May 16: Inspector general staff meet with Montgomery County police. They tell police that the personal information of millions of veterans was stored in the stolen equipment. VA Secretary Jim Nicholson is told of the burglary for the first time.

May 17: The inspector general tells the FBI and an assistant U.S. attorney about the burglary and loss of data. FBI, IG and Montgomery County police begin a joint investigation.

May 22: Nicholson informs members of Congress and the public.

 

 

SOURCES: Testimony of VA Secretary Jim Nicholson, VA Inspector General George J. Opfer, Montgomery County police.

 

Fool the Media

 

 

HOUSE COMMITTEE ON VETERANS AFFAIRS

Hearing on Failure of VAs Information Management

 

 

R. James Nicholson in his Testimony

Honorable R. James Nicholson


Secretary of Veterans Affairs


(Prepared Testimony | PDF)

 

 

Honorable George J. Opfer


Inspector General


Department of Veterans Affairs


(Prepared Testimony | PDF)

 

Audio Coverage

Information on Veterans Affairs Data Security Issue

 

Latest Information on Veterans Affairs Data Security

 

Letter to the Veterans

 

Fool the Media

 

 

 

$50,000 Reward for the data? So what?

http://www.computerworld.com/blogs/node/2623

Fool the Media

 

 


 

 

 

 

 

 

 

 

 

 

 

"All Russia on 1  Disk" - FSB on the  Federal Tax Service  Hacking Case

4Law  English Background 4/2/06

In Moscow are  detained more than 10 suspects in distribution and illegal production of computer disks with data of  the federal tax service -  disks were on free sale. Inspectors are assured, that the information has been stolen. The main question - who has organized this huge hacking ? A disk was sold for 3000 roubles in the market it was possible to buy practically any database "All Russia on 1  Disk". Now,   FSB sais, it will be more difficultly. Basics FSB Memo - `With policemen detained a number of  persons involved in illegal purchase, manufacture  of large parties of electronic data containing database with data, commercial, tax and bank secret.  For mass duplicating the specified database  tens thousand electronic copies prepared for sale.Operation actions are simultaneously lead in key points of selling,  apartments and in other established premises where it was the illegal production .Suppression of activity of the  facts of distribution of databases about incomes of physical persons.The mentioned data according to item 102 of the Tax code of the Russian Federation make tax secret. The specified information files are comprised by the data presumably stolen from systems of personified account FTS of Russia and is possible other bodies of the financial control.Investigation is ongoing...` - Federal Tax Service Site - English Side