Forwarded from: William Knowles <wkat_private> http://www.estripes.com/article.asp?section=104&article=11756&archive=true By Tom Philpott, Special to Stars and Stripes European edition, Thursday, December 26, 2002 Enrollment and claim files of 550,000 Tricare beneficiaries across the 16-state Central Region of the military's managed-care network have been stolen, officials announced Monday. Missing are computer hard drives with names, addresses, phone numbers, Social Security numbers, claims data and other information on every servicemember, family member and retiree enrolled in Tricare through TriWest Healthcare Alliance Corp., the managed-care support contractor for the Central Region. "This is theft of information, pure and simple," said David J. McIntyre Jr., president of TriWest, in a phone interview. The Central Region comprises Arizona, Colorado, Idaho, Iowa, Kansas, Minnesota, Missouri, Montana, Nebraska, Nevada, New Mexico, North Dakota, South Dakota, Utah, Wyoming and western Texas. Among potential victims of one of the largest identity theft cases in recent memory are tens of thousands of active-duty servicemembers listed as sponsors to family members. The threat of financial mischief through credit card applications, access to e-mail, rerouting government checks and false identifications is clear. But the stolen data also would seem to create risks to national security and to personal safety, in light of the war on terror. The break-in occurred Dec. 14, when every hard drive out of TriWest "servers" used to store enrollment and claims was stolen. TriWest for the past year has housed its servers in industrial park offices in northwest Phoenix. The thief or thieves apparently gained access to a property manager's office, stole a master electronic key and entered TriWest spaces, according to reports. The office was not protected by surveillance cameras. Electronic-door records show the thief was confident enough about not getting caught to make two trips, in and out, of the secured area. "We and the Department of Defense obviously are concerned for individuals whose personal records were stolen," said McIntyre. "We hope that the intent was not to steal the identities of individuals. - But we are operating on the assumption we need to take every measure to assist beneficiaries [understand] steps they can take to protect their information." The FBI, Defense Criminal Investigative Service and other law enforcement agencies are investigating the incident. TriWest is one of four contractors having deals with the Military Health System to provide care to servicemembers, retirees and their families. The four and, presumably, other managed-care contractors, were to deliver their bids in January for the next generation of Tricare support contracts. DOD has delayed the filing deadline by several weeks. TriWest used backup tapes to restore stolen files within three hours of the theft’s discovery, McIntyre said. But irked Defense officials said in a statement they got word of the theft from TriWest on Dec. 20, six days after it occurred, and then "began working with them to ensure uninterrupted delivery of medical benefits in the wake of the break-in." Tricare officials have ordered other managed-care contractors to reassess their physical and electronic security. - FWD - http://tricare.osd.mil/newsreleases/2002/news0236.htm December 23, 2002 No. 02-36 The TRICARE Management Activity announced today that computer equipment and files were stolen on Dec. 14, 2002, from its TRICARE Central Region health contractor, TriWest Healthcare Alliance Corp. in Phoenix, Ariz. TriWest contracts with the Military Health System to provide health services to service members, their families and retirees. The equipment and files were used to help deliver health care services to these beneficiaries residing mostly in central and western states of the United States.* The total impact of the theft is still being assessed. The case is being investigated by the Defense Criminal Investigative Service, FBI and other law enforcement agencies. The Department regrets any inconvenience this incident might cause. The Defense Department, after learning of the theft from TriWest on Dec. 20, began working with them to ensure uninterrupted delivery of medical benefits in the wake of the break-in. As more information is known about the theft, the department will ensure that TriWest will be in touch with affected beneficiaries. TriWest will contact affected individuals and will establish both a toll-free number and an e-mail address for TRICARE beneficiaries who have questions about what they need to know and do. The department has ordered all contractors working with the TRICARE system to assess their current physical and electronic security. For further information, beneficiaries may call toll-free (888) 339-9378 or e-mail questions to computertheftat_private * Colorado, Idaho, Iowa, Kansas, Minnesota, Missouri, Montana, Nebraska, North Dakota, South Dakota, Utah, Wyoming, Arizona, New Mexico, Nevada, extreme Western Texas *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Dec 31 2002 - 08:01:42 PST