Did you get your letter? I did.

The Rocketry Forum

Help Support The Rocketry Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

flying_silverad

Well-Known Member
Joined
Jul 23, 2002
Messages
3,168
Reaction score
5
Dear Mr. Rowan-Stern...

We are sorry to inform you that you were one of many veterans, who's information was stolen on such and such a date. Now we don't think they'll be any problem, but you may want to board up all your windows, staple a GPS to your wifes leg, and maybe just move all of you money to a new off shore account. Oh...did we mention that you might need to monitor your credit history daily and change your SS#?




Just great.:kill:
 
Yep, I got the same one. I heard something on the news a few weeks ago they congress wanted the VA to give each person free credit reports for a year so we could monitor our SSN better.
 
While I am waiting for my letter, I would like each of my fellow vets to keep one thing in mind.

Odds are the laptop was stolen by someone interested in the laptop, not in the information on it. No, I'm not sure, however most of the thieving bastiches would not recognize the data as such. I will be vigilant, but not paranoid.

It's odd though. For two years I have been trying to deploy a pre-boot encryption system to our laptops and have found it all but impossible because you don't want to inconvenience the executives who might forget their password. I am sure the IT folks at the VA meet similar challenges.
 
I haven't received anything yet, but am waiting.

This whole situation makes me sick though. Boeing had a data loss last fall. Beings they admitted they made a mistake, in letting an individual have such an enormous amount of data, they've paid for a three-year subscription to a credit monitoring agency. Not that they should've ever lost it in the first place, but at least Boeing's made every attempt to rectify the situation.

The VA on the other hand has given us nothing . . .
 
Our state rep is fighting for free credit reports for a year. That's fine, but I just paid for mine. I agree with Al, it's nothing to get paranoid about but it's how the whole thing went down that bothers me. If the files never left the office, this never would have happened.
 
I got mine, I agree it is probably nothing but it just makes me mad that some drone does somthing against all the rules and common sense. Now a lot of people have to worry.
 
My dad got one of those. I'm kinda suspicious that an employee took the info home (why the heck would he do that?) and it was stolen...something just isn't right here. And Iagree that something needs to be done here. folks, a letter just ain't gonna cut it.
 
I got a letter warning me that information had been stolen and to be cautious "of any phone calls, e-mails and other communications from individuals claiming to be from VA or other official sources, asking for your personal information or verification of it".
There is also contact info if I receive any such communications and a question and answer sheet explaining some things.
Hopefully that means none of my info was compromised.

As for how it could have happened....
Let me just say this, almost 100% of the civilian employees of the military and the VA with which I have dealt are there to get a paycheck and are to a person almost completely worthless; the soldiers, sailors, Marines, and airmen (& women) are an absolute inconvienence to them it seems.
I stopped at our USP&FO (pay and finance office) once and stood at the help window while NO ONE bothered to help.
They had their desks arranged in squares of four and at one square a woman's phone was ringing (she had just gotten up and walked over to a copy machine about 10 feet away) and none of the other 3 would answer it.
She had turned when it rang and looked at it but let voice mail get it.
She didn't even check the voice mail when she got back to her desk.

Yeah, some idiot took a laptop or something home, knowing they weren't supposed to and it was stolen.
No problem seeing that happen whatsoever.
 
Originally posted by Hospital_Rocket
... trying to deploy a pre-boot encryption system to our laptops and have found it all but impossible because you don't want to inconvenience the executives who might forget their password.....

Simple off the shelf solution is PGP

As for executives, when discussing the situation, just give them a memo summarizing the latest data loss along with a simple bill for monitoring the data on their laptop if it was lost.

Should change a few minds.
 
impossible because you don't want to inconvenience the executives who might forget their password

heck, most executives can't even type!!!

Angelo is on the right track - when the database owners are liable for damages caused by their databases, they'll be a lot more careful with accuracy and access. it's like that in Europe now, but US doesn't have the will to pass laws like that. but we need it.
 
Nice to know Im not the only vet whose SS# might be stolen. I would rather go back and dodge some more bullets than have my SS# ripped off.

Not to fret though probably not going to amount to much ;)
 
Originally posted by sunward
Simple off the shelf solution is PGP

As for executives, when discussing the situation, just give them a memo summarizing the latest data loss along with a simple bill for monitoring the data on their laptop if it was lost.

Should change a few minds.

Oh...Angelo

Been there done that. We are now prepping to deploy GuardianEdge Encryprtion Software, which is the flagship of data storage.

It took this final sacrifice by those of us who wore a uniform to push my organization over the edge. However the kind of things that scare me more are:
  • Writeable CDs
  • Jump Drives
  • iPods
  • PDA's
The number of ways data can be mismanaged would just scare you to death. Worse, when people go to work and someone from IT tells them ; "no you can't do that" and they actively look for ways to remove or shortcut all our attempts at security, it keeps us awake at night.

/rant
 
The latest reports indicate that as much as 80% of Active Duty servicemembers may have been affected too. I wonder if I'll get the letter as well.:(
 
Finally . . . I just received a "retiree" e-mail from the Air Force. The VA has announced we're all to receive one free year of credit monitoring.

Of course, this data loss should've never happened in the first place.
 
Originally posted by akpilot
The VA has announced we're all to receive one free year of credit monitoring.

Do you know how/where we will get the free year of credit monitoring? (My email has changed since leaving the Air Force and I have not gotten that email)
 
Originally posted by Rocketmaniac
Do you know how/where we will get the free year of credit monitoring? (My email has changed since leaving the Air Force and I have not gotten that email)

Here's the e-mail I got:



Release No. 6-10-06
June 21, 2006

VA to offer free credit monitoring


As part of the continuing efforts by the Department of Veterans Affairs (VA) to protect and assist those potentially affected by the recent data theft that occurred at an employee's Maryland home, Secretary of Veterans Affairs R. James Nicholson today announced that VA will provide one year of free credit monitoring to people whose sensitive personal information may have been stolen in the incident.

"VA continues to take aggressive steps to protect and assist people who may be potentially affected by this data theft," said Nicholson. "VA has conducted extensive market research on available credit monitoring solutions, and has been working diligently to determine how VA can best serve those whose information was stolen. Free credit monitoring will help safeguard those who may be affected, and will provide them with the peace of mind they deserve," he added.

The Secretary said VA has no reason to believe the perpetrators who committed this burglary were targeting the data, and Federal investigators believe that it is unlikely that identity theft has resulted from the data theft.

This week, VA will solicit bids from qualified companies to provide a comprehensive credit monitoring solution. VA will ask these companies to provide expedited proposals and to be prepared to implement them rapidly once they are under contract.

After VA hires a credit monitoring company, the Department will send a detailed letter to people whose sensitive personal information may have been included in the stolen data. This letter will explain credit monitoring and how eligible people can enroll or "opt-in" for the services. The Department expects to have the services in place and the letters mailed by mid-August.

Secretary Nicholson also announced VA is soliciting bids to hire a company that provides data-breach analysis, which will look for possible misuse of the stolen VA data. The analysis would help measure the risk of the data loss, identify suspicious misuse of identity information and expedite full assistance to affected people.

As part of VA's efforts to prevent such an incident from happening again, Secretary Nicholson previously announced:

* a series of personnel changes in the Office of Policy and Planning, where the breach occurred;

* the hiring of former Maricopa County (Ariz.) prosecutor Richard Romley as a Special Advisor for Information Security;

* the expedited completion of Cyber Security Awareness Training and Privacy Awareness Training for all VA employees;

* that an inventory be taken of all positions requiring access to sensitive VA data by June 30, 2006, to ensure that only those employees who need such access to do their jobs have it;

* that every laptop in VA undergo a security review to ensure that all security and virus software is current, including the immediate removal of any unauthorized information or software;

* and that VA facilities across the country - every hospital, Community-Based Outpatient Clinic (CBOC), regional office, national cemetery, field office and VA's Central Office - observe Security Awareness Week beginning June 26.

People who believe they may be affected by the data theft can go to www.firstgov.gov for more information. VA also continues to operate a call center that people can contact to get information about this incident and learn more about consumer-identity protections. The toll free number is 1-800-FED INFO (1-800-333-4636). The call center is operating from 8:00 am to 9:00 pm (EDT), Monday-Saturday as long as it is needed.
 
It affects active duty too! This is actually the third time my personal data has been stolen or misappropriated (that I know of anyway.) It won't stop happening until they bring privacy act information up to the same status as classified information....misuse needs some real teeth and it's got to be controlled.

Bah, I'll get off my soapbox now.
 
I'm not in the service so I didn't get the letter but I've been getting free credit reports for a year now. I used https://www.annualcreditreport.com.

The reports are free but here is the catch: You can only get one free from each agency per year. But I've staggered mine out every four months so I get a free report periodically. I've just completed my first year and have had to make small changes to all three. But none of the changes are fraud type items. I figure if you find fraud type items on one then you may want to consider paying immediately for a copy of the other two. But if you don't then once every 4 months seems to be enough to keep your credit accurate.

I always thought it was crazy to live in a country that provides rights to its citizens but it allowed an industry like the credit reports to not only give negative information about you but also keep that information from you. I was real happy when our government forced the credit companies to provide free reports. A bad credit report not only can cost you some much needed credit, but cost you a house, and in some instances your job. Last year (the reason I started getting a free credit report) I went one month late with my bank. Up to that point my credit was spotless. I immediately paid it when I figured out I missed a payment. Citibank (not the bank I was past due with) pulls a report on me 3 months later and sees the one month past due and considers me a risk and immediatly raised my interest rate to 31%. Yup 31%. After ranting and raving about how good of a customer I was (been with them since 1986) they eventually lowered it back down to 14%. But rest assured, when that debt is paid, that account will be closed.

OK, I've done ranting. :)
 
It's absurd that employees are keeping laptops with sensitive data in their cars. That's pretty dumb. But if they're keeping these laptops at home, to work on, then I can't get as much on them. They have to keep them somewhere.

It's too bad they don't use MacOS X, which has a feature which can automatically portions of the hard drive. It probably won't defeat an expert hell bent on getting the data but the average thief won't be able to break through it.
 
Originally posted by 11Bravo
As for how it could have happened....
Let me just say this, almost 100% of the civilian employees of the military and the VA with which I have dealt are there to get a paycheck and are to a person almost completely worthless...

Hey, I'm offended! I'm a civilian employee of the USAF! Oh wait, you're just talking about VA employees? Nevermind then....they ARE 100% worthless! :D
 
We're not vererans, but my wife and I got a similar letter and offer from a bank that lost some of our data to a similar mishap. Lovely situation. Not paranoid about it, but vigilent.

I work for a major computer company, and we treat all confidential customer information just the same way we treat unpublished financial results and such, as CONFIDENTIAL and compartmentalized. I'm an engineer, and some of the software and vendor relationship stuff I deal with is closely held stuff, but trusted as I am, I don't see customer data, and neither do the sales folks see the confidential stuff I deal with. It's a need-to-know thing. My laptop stays at work unless I really need to work at home, and even then it never leaves my sight when traveling back and forth. Also I have a boot password and a hard drive password. I keep some things encrypted on top of that. Paranoid? I don't think so, and since I'm not an exec, I can usually remember the passwords. ;) :D
 
I got the letter, and I blew my knee out in basic and got booted for it :(

maybe someone will steal my identity, and no one will give them credit either :D
 
I got the letter, and have been following the situation as well. I agree that the likelihood of someone actually USING the SSN's and going so far as to commit identity fraud is very low.

Regarding credit reports and all that, all US citizens are guaranteed by law one free credit report per year, and additional ones if they are ever denied credit due to the contents of a credit report.

What the VA is going to provide to the affected members is credit monitoring for one year, which reports only on credit activity at the credit bureaus. It has nothing to do with your credit cards, your other ID's, or your credit score (FICO).

Of course, if you read carefully what AKPilot posted (which I'd also seen before), it's going to take some time for the VA to solicit bids for the credit monitoring service, select the lowest (and probably least-qualified) bid, and implement the service.

So in other words, the theft occurred in May, the VA will be selecting a credit-monitoring company (which only reports changes in credit reports as they happen) in July, and the coverage starts in August. If someone with nefarious plans had indeed started working on identity fraud, they could have been at it for as much as 4 months before the real-time monitoring started. At that point, if they stopped voluntarily, NOTHING would be reported to any of the members now covered by the VA monitoring contract because no NEW changes were occurring.

Gives ya a nice warm fuzzy, don't it?

WW
 
I'm begining to think that this might be more of a problem, the low life who took the laptop might not have realised what the info was, but with all the publicity will now. How much would organized crime or an illegal alien ring pay for this list of clean SSN#?
 
Originally posted by NUBlackshirts
Hey, I'm offended! I'm a civilian employee of the USAF! Oh wait, you're just talking about VA employees? Nevermind then....they ARE 100% worthless! :D

No, I meant all of them, military and VA.
Except you. :D
Never met you.
But you can't be all bad. :p
Like the rest.
Uh, I'm quitting now. :)
 
yeah i got mine too. Looks like they got that computer back today. They are pretty sure that nothing was used.
 
Back
Top