Thread Options
|
#556537 - 05/23/06 01:24 PM
Re: VA Data Breach
|
Power Poster
Joined: Nov 2001
Posts: 7,985
FINALLY ABOVE the gnat line
|
What disturbed me about the articles I read was the level of detail about what was taken from the employee's home. It was an area with numerous burglaries recently and if the thieves had not yet discovered what wonderful sellable info was on the laptop, the newspapers told them!
_________________________
"Once you learn to read, you will be forever free." - Frederick Douglass
My Opinion Only.
|
Return to Top
|
|
|
|
#556539 - 05/23/06 09:00 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
This may well stop those employees who bring work home. I haven't heard if it was all encrypted or not. I did hear he broke policy by taking it home in the first place.
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556540 - 05/24/06 03:17 PM
Re: VA Data Breach
|
10K Club
Joined: Dec 2002
Posts: 40,766
Turnpike Exit 10
|
I heard the same thing, it was not an authorized removal of data. Just think, I am sure this guy's life is going right down the tubes after this.
_________________________
Get your facts first, then you can distort them as you please. - Mark Twain
|
Return to Top
|
|
|
|
#556541 - 05/24/06 03:48 PM
Re: VA Data Breach
|
Power Poster
Joined: Jan 2004
Posts: 2,795
Guess
|
What would be a good proactive stance to take with concerned customers?
Obviously, recommending that they place a fraud alert with the three credit bureaus is one course of action. We are also offering to place an alert on their accounts if they request it (although our current policies and procedures should be sufficient to stop any unauthorized transactions as things stand now).
Any thoughts on other things banks can be doing to alleviate customer concerns?
_________________________
Sorry, did I just use my outside voice?
|
Return to Top
|
|
|
|
#556542 - 05/24/06 04:48 PM
Re: VA Data Breach
|
100 Club
Joined: Jul 2004
Posts: 135
Beatrice, NE
|
We are giving anyone who requests it the opportunity to add a "keyword" to their account for identity verification purposes when making an inquiry. Normally, when someone calls they use the last for digits of the tax ID to verify the idenity and since that was included in the stolen information, we're offering to add the keyword and putting it in an "alert" on the account. I let our local Veterans Services know this as well as released the information to our local paper and radio stations.
|
Return to Top
|
|
|
|
#556543 - 05/25/06 03:18 AM
Re: VA Data Breach
|
10K Club
Joined: Dec 2000
Posts: 21,293
|
Besides what your bank can do, Trans Union (and I assume the other 2 major CBAs) has set up a fraud victims unit and provide a lot of helpful info on their website. If someone does have a problem, they truly do a lot for them including placing the alert on the other bureaus reports. I had looked into this when a former employer had a breach. And of course, people can subscribe to some services that include monetary coverage for expenses, and some $ losses.
|
Return to Top
|
|
|
|
#556544 - 05/25/06 01:52 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
Allowing keywords is a good idea, promoting internet banking from an account monitoring perspective is a good idea (offer it free for 90 days or something if you have a charge for that or bill pay) and remind them of the fraud alert protections under the FCRA. I'm sure that is included in the link from Kaybee. I'd also remind them that they don't have to go out and pay for credit protections. So far, it appears the data was stolen as a random crime for the computer, not the data. Hopefully all the press hasn't changed that. And remind them that they can get one free report fro each of the three CRAs annually. Because the data is much the same, amortize these by getting one, every 4 months, to monitor their own credit.
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556545 - 05/26/06 02:11 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
I see the VA has a $50,000 reward for the laptop now. Hopefully they'll be able to determine if the data was copied/accessed if they get it back.
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556549 - 05/27/06 12:55 PM
Re: VA Data Breach
|
Power Poster
Joined: Jul 2001
Posts: 3,708
Las Vegas Nevada
|
The Veterns Department announced the following
On May 25, 2006, the Department of Veterans Affairs Office of Inspector General (VA OIG) and the Federal Bureau of Investigation (FBI) have announced a $ 50,000 reward through the Montgomery County (Maryland) Crime Solvers organization, for information that leads to the recovery of a laptop computer and external hard drive that contained personal information for millions of veterans.
Montgomery County Police are working with the FBI and the VA OIG in the investigation of a residential burglary that occurred on May 3, 2006, in the Aspen Hill community of Montgomery County. Taken during that burglary was a laptop computer and external hard drive which contained identifying information for approximately 26.5 million veterans.
At this stage of the investigation there is no evidence that the suspect or suspects responsible for the theft had any knowledge of what information was stored on the hard drive.
The primary objective of the investigation is the recovery of the laptop and external hard drive. Anyone who can provide information that leads to the recovery of the laptop and external hard drive that contains the veterans' data should call Crime Solvers of Montgomery County at 1-866-411-TIPS (8477). A cash reward of $50,000 will be paid for information provided to the Crime Solvers tip line that leads to the recovery of these items.
We are providing as much information as we have about the incident and alerting veterans of the situation.
Veterans should continue to monitor this web page (http://www.firstgov.gov/veteransinfo) for further updates.
VA has set up a manned call center that veterans may call to get information about this situation and learn more about consumer identity protections. Concerned veterans may call 1 (800) FED INFO (1-800-333-4636). The call center will operate from 8 am to 9 pm (EDT), Monday-Saturday as long as it is needed.
What will be done to prevent this from happening in the future?
The Department of Veterans Affairs is working with the President's Identity Theft Task Force, the Department of Justice and the Federal Trade Commission to investigate this data breach and to develop safeguards against similar incidents. The Department of Veterans Affairs has directed all VA employees complete the "VA Cyber Security Awareness Training Course" and complete the separate "General Employee Privacy Awareness Course" by June 30, 2006. In addition, the Department of Veterans Affairs will immediately be conducting an inventory and review of all current positions requiring access to sensitive VA data and require all employees requiring access to sensitive VA data to undergo an updated National Agency Check and Inquiries (NACI) and/or a Minimum Background Investigation (MBI) depending on the level of access required by the responsibilities associated with their position. Appropriate law enforcement agencies, including the Federal Bureau of Investigation and the Inspector General of the Department of Veterans Affairs, have launched full-scale investigations into this matter.
_________________________
Compliance Analysis and Research - Software for your CRA/HMDA analysis needs
|
Return to Top
|
|
|
|
#556550 - 05/30/06 10:28 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
Equifax has a drop down menu, or a pop up window specifically on this point now.
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556551 - 05/31/06 12:56 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
Military.com reports on HR5455, the Veterans Identity Protection Act of 2006. This would provide one year of free credit monitoring to veterans affected by the breach. Taxpayer cost, $1.25Billion. (Guess the problem belongs to all of us now.)
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556552 - 05/31/06 03:06 PM
Re: VA Data Breach
|
10K Club
Joined: Dec 2000
Posts: 21,293
|
|
Return to Top
|
|
|
|
#556553 - 06/01/06 01:21 PM
Re: VA Data Breach
|
Power Poster
Joined: Jul 2002
Posts: 5,568
New Jersey
|
Cost of initial error: one severance package. Cost to retrieve lost notebook: $50,000. Getting the taxpayer to pick up the tab: priceless.
_________________________
Management is doing things right; leadership is doing the right things. Peter Drucker
|
Return to Top
|
|
|
|
#556555 - 06/01/06 02:10 PM
Re: VA Data Breach
|
Power Poster
Joined: Jan 2004
Posts: 2,795
Guess
|
They already had the controls in place ("Employees are NOT to take work home with them.") Enforce your current policies.
Last edited by ncmountainman; 06/01/06 02:12 PM.
_________________________
Sorry, did I just use my outside voice?
|
Return to Top
|
|
|
|
#556556 - 06/01/06 04:11 PM
Re: VA Data Breach
|
Diamond Poster
Joined: Aug 2005
Posts: 2,313
Living in the land of Oz
|
Does anyone know if there is a list somewhere that will tell me if my spouse's information was compromised. I hate to put fraud alerts on my credit reports if our information has not been compromised.
|
Return to Top
|
|
|
|
#556557 - 06/01/06 04:43 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
You'd need to call the VA, but the articles have some of the criteria. It included just about everyone entering the system after 1975 (I think it was) and who had changes in eligibility since then.
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
#556558 - 06/09/06 07:43 PM
Re: VA Data Breach
|
Power Poster
Joined: Oct 2000
Posts: 5,991
Soaring over Georgia
|
I received my notification letter from VA in the mail this week. I was surprised that they had my current address, since we just moved in January. But the letter explained that - they used the IRS to forward the letters to Veterans based on their SSN and most recent tax return filings. Under this premise, I would suspect that most veterans affected will receive a notice telling them they have been affected.
My letter did caution me that I didn't need to over-react and close all my accounts and such. Just monitor for any suspicious or unauthorized activity. Since I've previously been victimized by identity theft (unrelated to the VA breach), I've already got an extended alert on my credit report. I also balance my bank account statements and reconcile my credit card statement to receipt entries religiously. I also review my credit report annually, and will probably increase that frequency to at least quarterly given this new breach.
_________________________
Jim Bedsole, CRCM, CBA, CFSA, CAFP My posts - my opinions
|
Return to Top
|
|
|
|
#556559 - 06/12/06 10:46 PM
Re: VA Data Breach
|
10K Club
Joined: Oct 2000
Posts: 27,754
On the Net
|
Well color me stupid. I never even considered the fact that I am one of these veterans. My first thought was my dad.
But then again, who'd want to be me? Sometimes I don't want to be me so if anyone does want to steal my ID...
_________________________
AndyZ CRCM My opinions are not necessarily my employers. R+R-R=R+R Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell
|
Return to Top
|
|
|
|
|
|