U.S. Service Personnel Data Stolen

BStrunk writes "I was reading the news this morning on Reuters, when I stumbled across this article: U.S. Service Personnel Personal Data Stolen In the article, an official violated policy by taking the detailed personal information of thousands of active and reserve troops to his personal home, storing it on a personal computer, that was later stolen. In an age where domestic phone calls are monitored, a government employee was allowed to walk out of a government installation with the data on thousands of American citizens to store on an insecure personal computer? Doesn't that seem strange to you? This is a real failure, in my opinion, in government protection of its citizens. Layers of encryption and protected access was successfully bypassed to make the theft of this information as simple as stealing a home pc. Now, not only do service personnel currently serving have to worry about IEDs and being fired upon, but they are now subject to possible identity theft. A real failure. After this, how could one have faith enough to serve an inept institution?"

Strange question

[stupidfoo]

After this, how could one have faith enough to serve an inept institution?

Why do we need all the editorializing in the blurb? And the troops don't serve an institution.

Re:Strange question

I agree, rants and opinions belong in posts, informative summaries belong on the main page. I don't go to slashdot to get raved at by someone who doesn't understand the difference.

That being said, I agree this was a failure, but not of the U.S. governemnt. This was a failure by the analyist who didn't feel it manditory to follow the rules. Every good sercurity measure begins and ends with trust. The Office of Veteran Affairs was betrayed just the same as everyone else in this instance.

Re:Strange question

[Herkum01]

The Office of Veteran Affairs was betrayed just the same as everyone else in this instance

I call BS, Veteran Affairs has consistently been given low grades in security. It goes back to a culture of "I don't give a damn". As long as the agency is not punished, publicly or privately, you can bet it will happen again.

Re:Strange question

[RingDev]

I call shenanigans on your BS. You can't pin this down on just the VA. As a former member of the military who worked in HQ MC and the Pentagon, I can assure you that given the proper motivation of any worker, this information could be leaked/stolen/sold.

In this case the fault was negligence. The laptop should have had an encrypted hard drive. The consultant should not have taken the data home. But if the consultant shouldn't have taken the data home, why was he given a laptop? There were many mistakes made in this process, and those same mistakes are made throughout the government and private sector. The VA has no special claim on incompetence.

-Rick

More Than Identity Theft

[foo+fighter]

There's a real fear that this includes classified disability info.

If that info gets on the web, an employer googling a potential employee's name may see that candidate has, for instance, post-traumatic stress disorder (PTSD) and decide not to hire them. It's currently illegal to discriminate like that, but there's no way anyone will ever know in this hypothetical situation.

And in other news

[porkchop_d_clown]

Slashdot notices a month-old scandal.

Thieves steal personal data of 26.5M vets

Theft of Data Leads to Firings

Re:Overtime... free or otherwise

[drinkypoo]

This is a case of "no good deed goes unpunished."

Not keeping records of servicemen's personal data secure is a good deed?

The guy was working on a project at home "unauthorized", his laptop and usb hdd get stolen, officals grandstand, and he gets fired at age 60 (perhaps without a pension).

Fuck, I sure hope so. I hope he got fired twice somehow in a bizarre star-trek-ian causality loop. Anyone who would keep confidential data on a computer in a physically insecure location without encrypting it is a fucking moron. Fuck him in his working-at-home ear.

Perhaps you didn't notice, but the entire federal government got failing grades on their infosec security report card. Are you really okay with that? By making excuses for idiots who cannot see their way to actually protecting confidential data, you are part of the problem.

Actual this is great

[portwojc]

Actually this is the best thing that could have happened. A complete failure in a system, potential for identity theft, and involving current/past service men/women. I am one of those by the way.

Why is this the best thing? Cause when troops are involved national pride actually works and things get done. People will flip out over this and they will finally fix it. Think of the children is first followed quickly by think of the troops. Now maybe they'll put the responsibility where it belongs. Squarely on the shoulders of those companies that deal with credit. Then I'll stop getting those calls for the new service that protects my credit and it only costs $14.95 a month. Make that free and actually go after these thieves instead of what they do now.

Service to an inept institution.

[GodInHell]

After this, how could one have faith enough to serve an inept institution?"

This is a common misstatement made by those who think joining the armed services is about service to the army, or the navy, or the president. Joining one of the U.S.A.'s armed services is about serving your country, not the individuals in control of it. It's about protecting your homeland from invaders. It's about getting a shot at the brass ring of U.S. citizenship through sacrifice. It's about putting yourself on the line for your brother, your friend, your mother, your future, etc.

When I apply for a job in the states, I do so based on my ability to trust my employer to treat me responsibly. I would refuse a job that didn't pay well, or one where my employment would be degrading or unduly dangerous. Joining any military is a distinctly different sort of employment. It's an inherently dangerous job, one in which you can expect abuse from your employer, rigorous and painful training, and eventual combat duty.

So, in short, while this article is certainly a sign that our government is abusing our troops, one should honor those who do so despite the obvious risks inherent in service. Rather than wondering who would serve, we should wonder who would treat so poorly those who give so much. We ought (as in a moral ought) to respect and honor those who risk their lives to defend our way of life. We ought (again, moral ought) to hold in deepest revulsion those who abuse them, or send out the troops over petty personal desires and greed.

-GiH

I Served - and the OP is wrong in one respect

[EQ]

"how could one have faith enough to serve an inept institution?"

I didnt serve the Army - I served *IN* the Army.

What I served was the American People, through their elected Commander in Chief, and the primary focus of the Oath I and others swear is:

to Uphold and Defend the Constitution of the United States

Second error bythe OP is the "institution" that lost the data was not the military per-se but the Veterans Administration, a cabinet level office that is seperate fromthe Army, Navy, Airforce, marines and Coast Guard,m etc.

When will ./ editors have enough of the spin and editorializing - especially when its egregiously wrong as it is in this case. How about getting an editor with some military background instad of the usual suspects? A little bit if diversity might help ./ avoid posters like the originator who completely misses the point of the article and instead tries to spin it politically (point is veterans records were taken via a moron breaking security at the VA, not some anti-military screed that the OP tries to spin it into).

There Plenty of libertarian geek veterns out there who post here regularly - Rob, grab one and add some diversity to the editorial clique.