Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Another VA Computer Goes Missing



 By: Wayne Rash
2006-08-07
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Updated: Another computer containing veterans' information disappears. The VA says the computer could have information pertaining to as many as 38,000 veterans.

WASHINGTON—Officials at the Department of Veterans Affairs announced this afternoon that a VA contractor has discovered that a computer containing information on as many as 38,000 veterans is missing.

Matthew Burns, spokesman for the department, said the contractor, Unisys, told the VA that the computer was missing from its Reston, Va., offices on Thursday, Aug. 3.

VA officials receiving the report immediately relayed it to the Secretary of Veterans Affairs, R. James Nicholson, as well as to the agencys Inspector General, congressional leaders, the FBI and to the Department of Homeland Securitys Computer Emergency Response Team.

"VAs Inspector General, the FBI and local law enforcement are conducting a thorough investigation of this matter," Nicholson said, in a prepared statement.

According to Burns, a security team was dispatched to the Unisys location as soon as the agency found out about the missing computer.

Click here to read more about the fallout from a previous VA computer theft.

Burns said that the information on the missing computer included veterans names, addresses, Social Security numbers and birth dates, as well as insurance carriers, billing information and details of military service.

He said the information came from about 5,000 patients at a Philadelphia VA Medical Center, about 11,000 from Pittsburgh, Pa., and about 2,000 deceased patients.

In addition, the VA said it believes that about 20,000 more who received care at the Pittsburgh Medical Center may be included.

"VA is making progress to reform its information technology and cyber-security procedures, but this report of a missing computer at a subcontractors secure building underscores the complexity of the work ahead as we establish VA as a leader in data and information security," Nicholson said in his prepared statement.

Burns said Unisys is cooperating fully with the VA in conducting the investigation. "Unisys will be working with VA regarding the notification of potentially affected veterans and the offering of credit monitoring. The company will continue to work with the VA and law enforcement to address this incident," said Unisys spokesperson Lisa Meyer in a prepared statement.

Ted Davies, managing partner, Civilian Agencies, for Unisys Federal Systems in Reston, Va., said that he hopes the situation is solved quickly.

"The sphere of where it might be is very small," Davies told eWEEK.

He said that Unisys, along with the VA, the FBI and Homeland Security are sifting through evidence to find the missing computer.

Resource Library:
"I cant give out details, but it was a desktop computer," Davies said.

He said that the contract requirements mandated that the computer have a password for the computer itself, and a separate password for the database that contained the missing names. Davies also noted that Unisys met all applicable HIPAA requirements.

"The building is a fairly secure facility," Davies said.

"Were using all available data about the time and from where it disappeared. There was a lot of good information we could gather," he added.

"We have a lot of physical evidence. Were focusing some interviews around that, and were doing that in conjunction with the VA and other authorities," Davies said.

Davies noted that he hopes events move quickly.

While he noted that he cant speculate when the case would be solved, he said he hopes its soon.

"We have devoted all sorts of corporate resources to this. This is a high priority for our organization," he said.

Security consultant David Taylor says Unisys is doing the right thing.

"Heres a case where a well-respected organization with proper security got hit," he said.

"Imagine what its like for organizations that dont have security in place. If Unisys wasnt so diligent, it wouldnt have been reported," he said.

Taylor said such responsible reporting is a rarity.

"Subcontractors are often not inspected or reviewed," he said. "The larger ones have very little oversight."

He said that about 90 percent of contractors hes worked with dont have the inspections theyre supposed to have.

Davies, meanwhile, said that he hopes to be able to report new developments quickly. "Stay tuned," he said.

Editors Note: This story was updated to include additional comments from Unisys and security consultant David Taylor.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Another VA Computer Goes Missing
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Wayne Rash
 


x}r㶲s\@♵M"b{lc-/KcI*EBc"){~u~|.dxjl@h4y$ W7-gD.]sjS;q~@ >X1%w>G (+ԯ1mnM3zmk uB;l;Twd"|l 4jG40,Sk4Z57껲5G4m/ne0S.ZIa>*VOjZ$g6(GL|$jB;$?*B43 \2Hߦ(uB)~=2pНY{!*:|HL!Vi!Qy Agw^/ԡo;U'jiv{YyQU+/E @Z#BLȡ[Ri-3d#7*[ ͡odUZB 63!1+kT*9T>lh[Gݑ[CXsIVH)ɡæI/!_CRp`åzW˩V<mP=N g4q:r˺_ּyoׁn܏|wꘇdoa-6QK7q#6aj mBO|lM=S~%D"clˡ,ft0eʆ}VSRur9?"G1g 2+{޺KB(ݫu? ?up;Xr󺮕M9둫m߈ecby1ժ=T2g`4X.:N/9W.9ܐmERN}B'jBcYqeU寯~6O|?Ol@,.iT$3ާPE$Y+iwyA X(-t[[WRH3}#w#FX*R*Y4C! ,md±(|ǚrNfޜ4C+D_0ND=fI23} MHUņ]`)ehFSiK3_^ʂ؃_΢1jNt*軬(if1A=f&/r.i }t`o8y"V9φ4l=j.EuLVd];7y֏{;]g8k5{oZ{ݹv6߷`YyƺƻsEHY77I0qN}sQV1ym2ܯCA@U~X8ʕ86n!SGñA &S;,i8;}Bw'Դ@w׈|QmQM>8B[iH'n0i+O޺|L^ž*LКP#5uh *>rl8d((s>yt{L, 0(-iH=͋06 =2+?k>fC(nH }PHV|`{ >[9nAc@|jN Jg:%w2R}#9>M CRRR$SMPԤv9DBB !B0 H V(f쎄Ћ~Z .<BI>LX裲XB ^X/E/)͙R2dV0e 򍜘I!VBg'9oU4gP?؝PԽƠ;BZ)zѦhl.s--EւeUX]ټ/ 7ryO0su-K{",6@Q+ W:K}: _iHH*E6@\Z2,c %b ҉0Z?Hpc»:>j abE3%UVLXsX)Z52{5枭lP!/Ȁ2n(这,)؂ Yz:8:O\t=_X\|:(*'||R 7vJiX$l M=t&<$2.|N\,/03gеgҝabaa=k- ;US]HXa>nZ-V ҃FD-0ڠ-E=[;b^-#毻0iTWJIUҨamLĽf2 M۠RC׶|Ġ:lF֝\Q6-L.-g \\jpf ZLps'AqA0,\y.?OVV0\n~Pa˘;P}qAWl*IHTR4 V0Dr@uˣ@gӐ!ak"_xHEy[+pp BU.)L,:Z  [ Hg [^zoBZ+NA `RI?I BL#BSͧ]=1c* "L`B{@dUkR`_ ѾZVq~"0yOoM kUM+\3f>'=\V`QcFTF 4c`W2$̮fG 2R.1^Cs2]*W(H3u=ZEh dEN\tCN!+pDZQO]\)LeOi?AG Ȃt!MU,p{Y0XAC5"h#L`V8&) =mVQJs4Gv;WԲ)짥Vt u _3MO-זG$ X  d5=L:,JVR=myFs܇1"ክ5TS;NWGw jVJ)VMYU!bW hĞf`ɢgayͤh[`z[>ݩY$g8MG(Fi(Y+|[` 6fVɝ> N6mNQLtM'\մri` s*? }x6Œ™u8YX[NAaNɧvP±BpaqgX7|/ UێI?sԵкMsls Gq3"nLt@-'E&5h, A)NvZq~꩔Jg P"H@:erz埍W?nHߪ飦,0t&\XbbקGe7UY%R (NYb hٌj_ʼnZkRS+GF) "U!7T>z#_7)>FV!ȍZV/!IC|)탨_ӻ&CUiZe%%~ݳ!WӒFqi-yB֒%3qVJ8-ܟ`"@N|O!ZO]TJ0erI8MYI {K K,%.@^ذF-dr=LP6n'in&.j7t[b 3ɔLhsyX#%dBU[#m(3tS6l\Qmxb1?lWa70ϲ]hta_9c|w#'U ];hF>##vjQ7MZZ}H{O{j:8P;坠PTp#hh*fˠM`aEF|.%->'Mw[v1CN;#͋^4>A ̯$S :D=(oY7m\T}e6d>HP?X#=tytov/F]oF=foݷvcW}m;ǍicP/ZSiɘNFBARTUulko bY9sJUWV ;d,E'^d17KPdƛztAK RS`̾qO7׷LbR#B?wAzXV.=]f+wQȤޝ+b_,,R鲏v9|Me-^RIR>\$߫$ꀞ"h h6vo"Y"V0N Ȧ7=12~!_O}redz}X ?*4lo `zS`[ʅ=RH3xH ;nmo܍n  B;FJX<$NmZ 9a_Ъ ŵ^`Z:p8|#؈f_O6oN{cA|3 e\1kM__s w2 |cI%%&p!$~8=Sq D"^x7e\ ]aKn~ Vv/wk`0q4L~+FY :ˬZyh2g toԱU XZPփRrtta XY6zXmU`.Op+6SZ>W4l끣ʐu+tǔØt:fϟf1Z@B F ?]6=tjw~> ֐w>2ӐNڝ@hc 29Mf(ز]pR@A~0 $AƖ^qS4NP@-鄖tkTz6}H; iCbRvHa\;\8ɓ@#暢#1v}ɵp{N0d 9:z%J^q:ot H2g,9|'Cr$_e0Ҙ+Z#<1s2A$&NjxsHDi> : 2h`$}zb lWK s@%5ptƛ!<7 qsFICð\T1fдۦtN`Qw>:Xn\~҄&XD.*٤QG7\cLCe !R~ytn_jw8vƵ HV vSQ̆}mls{Q6%kj oʜMs%^F*:k_ѓʤWx|/>GWqjJGpL @ Q@8w;ll%Pv޵36;f\a~#>˛T@]D^E kNv͙l%?:PN pjK<{T ܌fM(|3萜5J.a# <$VO065GT2s ('bRRImFHc?HM阅 绺1 ׾+5t\b [" b$z9Q֓xF vėI;,'8Tʸ-(A=֓[ ' T> ? |ukG<>p/0k,,uz_ʜېx/E<|2ogtCDHjen+W.VeZ*Qd!wBYҙEHC"j/D4/[!M ,x])sD>k?ΕPʶEepJ|`v7 Űqy(VZElHWH>w̔t VaC%xuLq:uga"ҳM P@Z|ID-NOMyWYgKg7777Wnj|m%]~pdԓ{'Aɕk%mnFڰ \݅ c'{KmtD;݌.Wu*O8@o?\a\C}&swBQR&vM&tWJIAo\=V|=7'w3Q^ױ,_<ާԑ=RgP%Z@i͊% KJW1[4}kf!M N|VC^uCh D\+:3XLVKX T?.bhpX ~E=>ۗy}ڒ /|t`86K;8.wHm,5kQuAȽ^qd%/kT[nݷ8ߪ4VDygkYW͍v.oEHW˟2TQ Z%B+lxϫ[& =mOkB*ڻ/b˕yҿ:M㎋veHM, qF;:[7oh/Hvj}e8㹙t=|6-a-M*X6̎5>,ÓE{ ˢ.ƞ}:|!pۼTErkH nn86oZlï.:l=KЬD5fXG(%"Q0MzьcqX4G܀ͯP*X(v"=݇^&۝ݽ]Ũ|Myp-I ~&;rۥHڅ$OҶ%A dԱm'I^lǰM:,{x-b9 Dw߁\<@$!i\ LD'l۠Ѹl`4!4q,o>(b=X67Հ Y+~)Ԝ}F(a!<{:UQYH:[Icd|b]Fϰ_dEi'y{Ddg =Mu*b m0@~ uM|:w%o靖?n%cu(4!N|^w£w;/_aR-,:'h[R(o |5nĹP-4$бk'ėGʮ~GňkO)G>ş Z.GV,\jX-x{$e :AaD0n {ö+{#0k~'Ѝo!j\x1{}rs0s^jb{P2D#C%1d(##Gs0T%9x "~ JLZC@ _^a)~c)A%+>^G "K&5\r(p#(,oqn/t=w9h*b4K-'(mL1H9ʥ`sRk lc1 {[īQdes[`ɧj)bIT(-A8f|^,[[{VULX[FkLϫ&t];X[GL[WؔUS]<_q=o74qdfYj*i?u~<- 3pJS c;z#q9MAzdbӇf-MeaaZG v ˺S DC>bE"#M}jj~RV+ڑ!o]+5Mj}r;ˁUC@n):/_Z#砡"^l'=w\KJ-ݷgpt +Pх%SgQzքrO}K[\JP`o2)?}-ߒ|t[˜oW-F]>a}P~ ĮTt62xޞj_7 $|t"O&S':ZAN}NT$ݵ6n͔t@EP]'~1~bkuNޞ+,9)ssxfZ-j5Fd{;7s,2;;F錜Xp,D""ab6b~mz>+sY h#jϊ5yJnSX.&s{[>#ZIqpfB3ZJ|1E3ޤ0Lj"xxb bFa?O͒;IoP}3Y?d=a Qٽ[!g=Jm~Cѥ}* _3;-c+තBzc:&JxI St #?)){ꞪߒΞq?~m@" ?Ki揣O8]: 0Ln 1YG7CkUEYG71`ckMBR[7g;eI~mH${=9QAiaJ~X{c6 ACbp)4fLWtVjjU)G_"׾Rs]j9u\Me YQV&"ߜ7Ҕ\ BIt/ P/HZ  W{P~e{$sc5bru?OsC"ݏݓuݹ"ǭXº-J-uwN?t?Z7^qfv>Tu^KLxӴe$Aή-L)DlSgĥ,<%Ewn"8lxVwfO|ݻX)e3̋, qW~4ab ^)o޴]-[I ,ǫ#x]by5sλqkAKe~5]0<1(:hEG:WB#RyTyyx?@&Pj3'靜tSi+'OV~r>?BB㼽:}ZhOsҡ}}}oCIV_05.sK{Ke~.9̡KD-椟CyN? 9闐~{3W?W9sw3~h'?ɑ/@9q sO诗CAVC_~mPZ~wy@w9{wCNr!HoYNϯps˅q+ /Wa uu~9@zJɡ ,cs\) SҾw2~6RAi_tN qʕ8{^S_xښ薽RqLfM9nX_ G{2>Wh K[4yHGU4:,)~lbyDe?~VRR枌u]CZLr!{]WeM'nikz(s3gg=U26C":F*FD2KA1_u9ͧ,N ;H_eLh(ÉGٞރ}n}7F޿n@~L|uҚ޴8xg?9/ݹg֪K3cKp'k͠~%k"N\i(-xkL\BpkQ^ ="5l050ŸheR 7㌰6ǛvuCZ7W͋u}}tz=,q8 5RQu8 % H-M3wN٣8 an-gb 4_ N+u7+6v@;a[@R'o:*VZ; f=" }:cǬ*(4f.2^46To^_g]N* XV2Y1͵1h+z@`:~ {j\;aKƘS DMKI6)N$9a+PTE'0@=CbR4H :"VESXNA}Jgg_6b Gy*5@tg^lVxRDN]czl0)y+ 9JنW0U7VAo3SY,~ V_Dz~%B+*π -/z0> :#[3Q)֜6Ogзcx쥭%mY $v.}xF˒5\r$2fR/9"% mPmJ[ Ͽay+4(4&I cS 1?0j;;//[62' SL+4%RЈxym4` أ|GK@?[죕iϖ'%\#dĸo3@WD0;"6I}."sE0畲&(Xp\'AVΙنrboSܽ@Erg˫Hy56VsֈN`^zKAѮY=n0o:`5O#ǞG:K8~mA=fy{̴-UradK۔Xf:PyXt!m+Q9`/9H,^3H\cn)ZF1uB(b4@L/aɟ]챼WIڶ7(G,cհKa[:*6 Vn ۲ UyӷmXM\7lȰ-'myCQ1Vvf$Ѿs,a|X oV|޸u7q`d2o|O60NmKLkXI@ Is-.,wv"Un4Mb1"[\'^IYdž a\жX5,@a)5BO7sQ30RO +(|[P<1vm˘qq9q3E~2H=8HVlewɵ6:++chޘ'_֬LE—a8(= ZBk|XM]s*&tصa}|08rX ~F鄅6sȣoz`Z^YdW X-1!Dt9)}rl&vP?8هl~H&THl[+УDntFs-^8ɱ>s/FAĂ'g