Ladies and gentlemen we have a SNAFU!


If you are active duty military or a veteran you should recognize the acronym SNAFU.  For those who don’t it stands for Situation Normal, All F*cked Up. You learn to live with a lot of that in the military, it is just as common as ‘hurry up and wait’.  Unfortunately SNAFU carries over into our life as Veteran’s too.

All Veterans fall under the US Veteran’s Adminstration.  They have all of our information.  Many of us veterans are receiving some form of benefit from the VA.  I happen to receive medical benefits as a service connected disabled veteran.  Others maybe receiving educational benefits through their GI Bill.  Or even housing benefits through VHA loans.  No matter what benefits you receive (or not) the VA has your information.

The VA also has a less than golden track record on protecting our information.  Until the Heartland Payment System dataloss a couple of years ago, the VA held the record for the largest ever security breach with over 25 million veterans’ personal information exposed.  Unfortunately the VA continues to experience datalosses so often that it doesn’t even shock us anymore.

 

If you are a veteran of the U.S. Armed Forces; taking the threat of identity theft seriously is not an option, it is a requirement.  Your information has already been lost.  LegalShield can help by providing you with the assistance you will need when you become a victim of identity theft.

The following information comes from the Privacy Rights Clearinghouse.  This information is just the security breaches for 2011 involving VA or Military agencies.  Keep in mind this is only for 2011:

September 16, 2011 Veterans Administration Medical Center (Biloxi)
Biloxi, Mississippi
GOV PHYS

1,814

The VA believes an employee’s office at the Veterans Administration Medical Center in Biloxi was inappropriately accessed without proper authorization on July 21.  A number of medical files with veteran names, Social Security numbers, dates of birth and other personal information like medical diagnoses were found spread on the office floor.  The breach could affect veterans, deceased veterans and VA employees in seven counties in southern Mississippi, four counties in southern Alabama, and seven counties in the Florida Panhandle.

Information Source:
PHIPrivacy.netrecords from this breach used in our total: 1,814


 

September 15, 2011 United States Army
Alexandria, Virginia
GOV PORT

25,000

A CD with sensitive Non-Appropriated Fund retiree information was lost in the mail between Alexandria, Virginia and San Antonio, Texas.  The CD never officially arrived after being sent during the last week of August.  It contained retiree records with names, Social Security numbers, retirement date, type of retirement, amount of life insurance carried, term data, dates of service, and other retirement data.

Information Source:
Databreaches.netrecords from this breach used in our total: 25,000


 

August 8, 2011 Department of Veterans Affairs
Fayetteville, North Carolina
GOV INSD

Unknown

A dishonest VA worker used his tax return preparation business to submit fraudulent tax returns.  VA patient personal information such as names, Social Security numbers and birth dates were used to create fake dependents on people’s tax returns.  The VA worker then collected fees from customers in exchange for fraudulently increasing the dollar amount of their tax returns. He was convicted in February and sentenced to 11 years in federal prison. The employee handled information from VA patients in North Carolina and Virginia.

Information Source:
PHIPrivacy.netrecords from this breach used in our total: 0


 

August 3, 2011 Department of Veterans Affairs
Washington, District Of Columbia
GOV INSD

Unknown

The inspector general at the VA found that IT contractors had accessed the VA’s electronic health record system without appropriate security clearances.  An tipster had left a message about the situation on a departmental hotline in the summer of 2010.  Contractor personnel were found to be improperly sharing user accounts when accessing VA networks and the Veterans Health Information System and Technology Architecture systems. Employees of the contracting company were unaware of proper IT security protocol.

Information Source:
PHIPrivacy.netrecords from this breach used in our total: 0


 

April 8, 2011 V.A. Medical Center
Aiken, South Carolina
GOV PHYS

2,600

Please call (706) 729-5893 for more information.

A V.A. employee may have thrown the personal information of over 2,600 veterans into the trash. The breach was originally discovered over a month before the official notification and reported by a news channel. The V.A. admitted that appointment records with Social Security numbers, dates of birth and other information were accidentally thrown into the trash instead of being shredded. The records were from January 2010 through January 2011.  All veterans from that period were contacted, but not all were affected.

Information Source:
Databreaches.netrecords from this breach used in our total: 2,600


 

March 21, 2011 Portland Veterans Affairs Medical Center
Portland, Oregon
GOV PHYS

50 (Between 50 and 75)

Between 50 and 75 patient ID cards were lost in January. Social Security numbers, dates of birth and other personal information were on the cards. The cards had previously been mailed to the wrong addresses and were being stored in the hospital’s enrollment office.

Information Source:
PHIPrivacy.netrecords from this breach used in our total: 50


 

January 29, 2011 Veteran’s Affairs Medical Center
White River Junction, Vermont
GOV DISC

114 (No full SSNs or financial information reported)

A client device owned by Dartmouth allowed an unknown amount of people to anonymously log on to a computer network. A document that contained Veteran and Dartmouth patient information could be viewed once people had logged on using the client device. The document contained a list of Dartmouth and Veteran patients. Last names, last four digits of Social Security number, clinical diagnosis and comments were exposed. At least one patient had their full name and date of birth exposed. The problem had existed for an unknown amount of time.

Information Source:
PHIPrivacy.netrecords from this breach used in our total: 0


 

January 13, 2011 New Mexico National Guard
Sante Fe, New Mexico
GOV STAT

650

A computer with the deployment records and Social Security information of soldiers throughout the state was stolen from the National Guard Headquarters in Sante Fe.  The theft occurred sometime between December 23 and 28.

Information Source:
Databreaches.netrecords from this breach used in our total: 650


 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s