Millions of veterans and active-duty troops whose sensitive personal information was lost by the Veterans Affairs Department will receive some form of credit protection against identity theft, the government said Wednesday.
Separately, the Transportation Department inspector general’s office said that one of its laptop computers containing names, birth dates and Social Security numbers for 80,670 Florida residents was stolen July 27 from a government vehicle in Miami.
Transportation officials were helping police investigate the theft of the laptop, which was stolen in Doral, Fla., and contained data about people issued commercial driver’s licenses in the Miami-Dade County area.
The laptop was protected by a password, and there was no evidence the data has been used illegally, the department said.
VA Secretary Jim Nicholson said his department had arranged for a data analysis company to detect potential patterns of credit misuse for up to 26.5 million veterans whose names, birth dates and Social Security numbers were on a laptop and hard drive taken last May from a VA data analyst’s Maryland home.
VA subcontractor Unisys Corp. also agreed to provide one year of free credit monitoring for as many as 38,000 veterans after the company last week lost a desktop computer containing their data at its offices in Reston, Va.
Letters will be sent in coming days to veterans affected in the Unisys case describing how to sign up for the free credit monitoring.
“Protecting veterans from fraud and abuse remains an important priority for VA,” Nicholson said in a written statement. “Data breach analysis will provide VA with additional assurances that veterans’ personal information remains unharmed.”
The VA said ID Analytics, of San Diego, will provide the extra level of protection for those whose records were taken in the May 3 burglary.
In that case, the FBI recovered the laptop and hard drive and determined with a “high degree of confidence” that the data wasn’t accessed or copied. Two teens were arrested last Saturday in what now appears to have been a routine burglary.
ID Analytics will provide an initial analysis of several industries to determine if there has been any suspicious activity involving the veterans’ information. It will then provide followup reports every three months for an unspecified period at no cost to veterans or the government, the VA said.
The VA is struggling to repair its image following the high-profile theft last May, which prompted more than a dozen congressional hearings and a blistering VA inspector general’s report faulting both the VA employee and his superiors for poor judgment and lax security policies.
Nicholson pledged to make the VA a model for information security. But the VA’s announcement on Monday that Unisys had lost data for veterans who received care in Philadelphia and Pittsburgh prompted fresh criticism.
“VA remains unwavering in its resolve to become the leader in protecting personal information, training and educating our employees in best practices,” Nicholson said.