GAO Asserts VA Is at Risk for Another Data Breach

In May, 2006, the Veterans Administration (VA) fell victim to an enormous data breach, affecting more than 26.5 million veterans. Now more than a year later, the news from the Government Accounting Office (GAO) is not good. They assess that the VA is at risk for another data breach:

A GAO audit of physical controls at VA installations found more than 100 missing IT-related items, according to a report by government investigators released this week.

The VA suffered a massive data breach last May when a laptop was stolen from the Aspen Hill, Va., home of a department employee. The incident affected 26.5 million veterans and active-duty members of the U.S. Armed Forces.

The theft of any one of 53 missing computers noted by the GAO could result in another breach, according to the agency.

“Our assessment found that a weak overall control environment for IT equipment at the four locations we audited posed a significant security vulnerability to the nation’s veterans with regard to sensitive data maintained on this equipment,” Valerie C. Melvin, director of human capital and management information systems issues at the GAO, testified before the U.S. Senate Committee on Veterans Affairs on Wednesday. “Our statistical tests of physical inventory controls at the four locations identified a total of 123 missing IT equipment items, including 53 computers that could have stored sensitive data. The lack of user-level accountability and inaccurate records on status, location and item descriptions make it difficult to determine the extent to which actual theft, loss or misappropriation may have occurred without detection.”

As with last year’s incident, veterans are left to fend for themselves. It underscores the importance for all of us to be vigilant over our financial and personal records. There are several useful resources on the Internet, including the government website IDTheft.gov and Privacy Rights Clearinghouse.

Related Posts:

• No Related Posts