[ISN] VA still lags on encryption

From: InfoSec News <alerts_at_private>
Date: Mon, 3 Dec 2012 02:20:20 -0600 (CST)

By Taylor Armerding
November 30, 2012

More than six years after the Veterans Administration (VA) suffered one 
of the worst data breaches in history, it is still a long way from 
closing off the vulnerability that made the breach possible: lack of 

It was on May 3, 2006, that a laptop and external hard drive containing 
an unencrypted national database with names, Social Security numbers, 
dates of births, and some disability ratings for 26.5 million veterans, 
active-duty military personnel and spouses was stolen from a VA 
analyst's Maryland home

The laptop was returned almost two months later by an unknown person, 
but the VA still spent about $20 million to notify those whose 
information had been compromised and for credit monitoring.

Three months later, in August, the VA secretary ordered the agency's 
Office of Information Technology (OIT) to upgrade all VA lap and desktop 
computers with enhanced data security encryption software.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
Received on Mon Dec 03 2012 - 00:20:20 PST

This archive was generated by hypermail 2.2.0 : Mon Dec 03 2012 - 00:33:37 PST