Editore"s Note
Tilting at Windmills

Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for Free News & Updates

June 8, 2006

NAME THAT OUTRAGE....Here's a little game. I'll give you the quote and source; you guess what outrage the person is describing.

"It's amazing. Such incompetence is worse than anything I've ever seen in six administrations," Senator Patrick J. Leahy, Democrat of Vermont, said during a news briefing. "At some point, this administration has got to stop saying we'll hire or appoint political cronies, but will actually appoint somebody who knows how to make the government work."

Katrina? Iraq? Medicare Plan D? This response could apply to so many administration controversies, but in this case, it's the stunning -- and widening -- data-security breach now encompassing nearly all active-duty military, Guard, and Reserve members.

In the Senate, Democrats renewed their criticism of Veteran Affairs Secretary Jim Nicholson and demanded his ouster following the agency's disclosure Tuesday that personal information for 2.2 million military personnel -- not just 50,000, as initially believed -- was stolen from a VA employee May 3. [...]

In the House, about 150 Democrats called on President Bush to request emergency funds to provide free credit monitoring for the millions of veterans and military personnel who are now at risk for identity theft.

"These records were stolen more than a month ago, and we're still figuring out what information was lost?" asked Representative Tom Davis, Republican of Virginia, whose House Government Reform Committee will hold hearings today in which Nicholson will testify. "We need to hear a good explanation for why that is."

So far, neither the White House nor the VA has one. What a surprise.

Steve Benen 10:10 AM Permalink | Trackbacks | Comments (52)

Bookmark and Share
 
Comments

There are some pissed off veterans out there, I can tell you that.

Posted by: Red State Mike on June 8, 2006 at 10:27 AM | PERMALINK

Thank god my wife and I don't have any credit cards.

Posted by: doug r on June 8, 2006 at 10:37 AM | PERMALINK

the problems of dealing with millions of pieces of info

always ready with the apology, eh?

Posted by: cleek on June 8, 2006 at 10:41 AM | PERMALINK

Isn't it apparent by now, that the GOP has no idea how to govern? Only mindless partisans like cheney, Jay, etc. gainsay that. The GOP thinks holding political power simply means looting the U.S. Treasury for your wealthy constituents and bashing those you dislike or with whom you disagree (e.g. gays, Hispanics, etc.).

The concept of "the common good" is foreign to these people, as the Founding Fathers envisioned good government working. That is why, in November of 2006, the American people have an opportunity to relegate this diseased political party to backbench status again, until they can understand what the American experiment is all about...

Posted by: Stephen Kriz on June 8, 2006 at 10:41 AM | PERMALINK

Or see this this incident as another reason not to trust or support large government bureaucracies.

Posted by: pencarrow on June 8, 2006 at 10:48 AM | PERMALINK

Stephen, I think it's unfair to call these thirty-percenters "mindless."

They're like scientologists - they believe some crazy shit - but they really believe they believe it.

Posted by: GMF on June 8, 2006 at 10:49 AM | PERMALINK

chutzpah: Putting people who don't understand or believe in government in charge of it, and then using the resulting disaster as evidence that government itself is unworkable.

Posted by: Doctor Jay on June 8, 2006 at 10:51 AM | PERMALINK

Instead of reacting to the outrage du jour as usual, wouldn't it be nice if the Dems used this VA fuckup as a springboard for proposing some real privacy protections for all Americans? But I suspect they're too much in hock to the financial industry.....

Posted by: sglover on June 8, 2006 at 10:56 AM | PERMALINK

okay- so they've popped zarqauwi-wowie. bet they wanted to hold on to this till closer to the election, but are so far in the shitter- they just had to bust lose. no sarcasm could rise to this level of incompetence. bush is a sniveling spoiled brat. his own father tried to, once again, save him from himself by finding and arranging for a rerplacement for rumsfeld- and we get, "I'm the decider." yes he is, and what a decider.

Posted by: brkily on June 8, 2006 at 10:57 AM | PERMALINK

Thank god my wife and I don't have any credit cards.

Posted by: Michelle baker on June 8, 2006 at 10:57 AM | PERMALINK

The fact that these records were stolen is hardly Bush's fault, yet the fact that there has been no redress in the month since it occurred surely is. Similarly, Katrina wasn't Bush's fault, yet the complete failure in the aftermath was.

The rampant cronyism of this administration was bound to come back to haunt them. Conservatives may think that most government agencies serve no real purpose, but these events, and others, show the harm that can be done when these agencies are mismanaged.

I can't wait until the adults are back in charge.

Posted by: MeLoseBrain? on June 8, 2006 at 10:58 AM | PERMALINK

Since we CA50 showed its true strips this week, I've decided that bagging on Bush or the GOP congress is NOT a strategy but rather and absence of one. I encourage Steve and Kevin to spend more time developing a Democratic leadership message other then GOP FUBAR.

Posted by: the fake fake al on June 8, 2006 at 11:03 AM | PERMALINK

Instead of reacting to the outrage du jour as usual, wouldn't it be nice if the Dems used this VA fuckup as a springboard for proposing some real privacy protections for all Americans? But I suspect they're too much in hock to the financial industry.....
Posted by: sglover

This is exactly right. The time for a financial version of HIPAA is long overdue. I have no problem with credit agencies tracking and storing my credit history, but they should not be able to release it to any entity - corporate, government or personal - without a signed statement from the individual or a court warrant.

Posted by: MeLoseBrain? on June 8, 2006 at 11:03 AM | PERMALINK

Errrmmmmm.... I yield to nobody in loathing and dismay about the lunacy of today's Republican Party, but I don't think this VA episode can be dropped entirely in Bush's lap. For one thing, as I understand it, the VA secretary acted with greater diligence than the career civil servants under him (which I hate to say, as a civil servant myself). More important, neither party's doing much of anything to protect the electronic privacy of ordinary citizens. Instead, the politicians seem content to take their cues from the financial industry, and apparatchiks of the security state.

Posted by: sglover on June 8, 2006 at 11:04 AM | PERMALINK

hear, hear, dr. J., "chutzpah: Putting people who don't understand or believe in government in charge of it, and then using the resulting disaster as evidence that government itself is unworkable." and steven K, "The GOP thinks holding political power simply means looting the U.S. Treasury for your wealthy constituents and bashing those you dislike or with whom you disagree" ~ that is surely the real deal.

Posted by: brkily on June 8, 2006 at 11:06 AM | PERMALINK

I'm glad to see this on the blogosphere: I've been astonished that it hasn't generated more outrage. My God, the scope is phenomenal. 2.2 million miltary personnel and we don't know what information was lost? In it's own way it is as bad as anything this administration has accomplished.

Myabe we're all just suffering from outrage fatique: Another major f**k-up by Bushco, ho-hum.

But you just have to wonder about Republicans. In the private sector, are they also this fundamentally incompetent?

Posted by: PTate in MN on June 8, 2006 at 11:11 AM | PERMALINK

Or see this this incident as another reason not to trust or support large government bureaucracies.

It's hardly limited to government, which in no way ameliorates the government's culpability here. A couple of months ago, my mortgage holder sent scads of personal information about thousands of mortgage holders on a tape, via DHL, on a truck to Texas--and lost it. Eventually it was found, but not before we all went ballistic about this bank's (LaSalle-ABN Amro, in case you want to avoid these losers) mind-blowing incompetence, technological Ludditism and lack of foresight.

It isn't any less mind-blowing when Bushco and the VA mishandle data and try to cover it up. They deserve all this criticism and more.

Posted by: shortstop on June 8, 2006 at 11:14 AM | PERMALINK

And yes, yes, yes to the people who say the Dems should be taking a leadership role in privacy protection. But they won't, of course, because the financial industry gives them way too many lollipops.

Posted by: shortstop on June 8, 2006 at 11:18 AM | PERMALINK

PTate in MN: But you just have to wonder about Republicans. In the private sector, are they also this fundamentally incompetent?

Certainly not all of them. But you could have looked at George W. Bush's track record in business and easily foreseen the abysmal level of competence that a Bush administration would have, and you would have been entirely correct.

Posted by: S Ra on June 8, 2006 at 11:21 AM | PERMALINK

Yet another example in Bush's long line of actions that have harmed our servicemen and servicewomen and veterans in order to serve his personal and partisan political desires.

UPI's Pamela Hess ...

When the Senate took $1.9 billion out of the war supplemental to fund border security last month, $1.6 billion came out of funds to replace equipment destroyed or worn out from four years of combat in Iraq and Afghanistan.

The money was diverted at the behest of the White House in a last-minute bid to address growing political unrest about illegal immigration. The Office of Management and Budget championed the change without input from the Army or the Marine Corps whose budgets were sliced, a Pentagon budget official told United Press International last week.

In other words, once again Bush has put our troops, and if Bush and conservatives are to be believed about Iraq our national security, at greater risk in order to serve his and his party's own partisan political interests domestically and to reward incompetent cronies.

Posted by: Advocate for God on June 8, 2006 at 11:21 AM | PERMALINK

It's hardly limited to government, which in no way ameliorates the government's culpability here. A couple of months ago, my mortgage holder sent scads of personal information about thousands of mortgage holders on a tape, via DHL, on a truck to Texas--and lost it. Eventually it was found, but not before we all went ballistic about this bank's (LaSalle-ABN Amro, in case you want to avoid these losers) mind-blowing incompetence, technological Ludditism and lack of foresight.

As bad as the VA fuckup is, I think it's a safe bet that even worse blunders will come to light from the financial industry in the not too distant future.

Is it possible that the scale of these episodes might someday undermine the whole credit-based economy?

Posted by: sglover on June 8, 2006 at 11:23 AM | PERMALINK

meLoseBrain
This is exactly right. The time for a financial version of HIPAA is long overdue. I have no problem with credit agencies tracking and storing my credit history, but they should not be able to release it to any entity - corporate, government or personal - without a signed statement from the individual or a court warrant.

Amen to dat.

Posted by: Red State Mike on June 8, 2006 at 11:23 AM | PERMALINK

pencarrow:Or see this this incident as another reason not to trust or support large government bureaucracies.

So do you think we shouldn't have a DoD, or that we shouldn't trust it? Or that we should have an untrustworthy DoD but no department to handle veteran's affairs? Or do we still need both but shouldn't trust either one with personal information or tax money? I'm trying to figure out how that's going to work.

Posted by: cowalker on June 8, 2006 at 11:27 AM | PERMALINK

What's shocking is that the government employee who brought the files home has not been fired. Oh well, that's the advantage of having a government work force with lots of civil service/union protections.

Posted by: DBL on June 8, 2006 at 11:27 AM | PERMALINK

Third. Credit agencies are performing a needed function, but I'd really like it if they got my permission before pimping out my personal information.

Side note: Wells Fargo Mortgage lost my personal data last month - they shipped a 'puter with tons of personal info via a third party. The 'puter never made it to its final destination. The moral of the story: private institutions can screw up, just like the government.

At least Wells Fargo paid for a year's subscription to Identity Guard.

Posted by: NSA Mole on June 8, 2006 at 11:29 AM | PERMALINK

What's shocking is that the government employee who brought the files home has not been fired. Oh well, that's the advantage of having a government work force with lots of civil service/union protections.

Right. And it's the "union" that's protecting the high-level Bush appointees from getting the canning they so richly deserve. For cryin' out loud, that was weak, DBL.

Posted by: shortstop on June 8, 2006 at 11:31 AM | PERMALINK

Who in the world keeps a sensitive database like that on a laptop that you take home from work?!

Okay, it was a replica of the database not the database itself but you know what I mean.

Was this simply bad judgement coupled with bad luck or something more? The whole thing seems suspicious to me.

Posted by: Tripp on June 8, 2006 at 11:31 AM | PERMALINK

Side note: Wells Fargo Mortgage lost my personal data last month - they shipped a 'puter with tons of personal info via a third party. The 'puter never made it to its final destination. The moral of the story: private institutions can screw up, just like the government.

At least Wells Fargo paid for a year's subscription to Identity Guard.

Since, as noted in my story above, LaSalle-ABN Amro had already made the same blunder--I just checked and it was actually a few, not a couple, months ago--it is beyond my comprehension that Wells Fargo would repeat the mistake. "But these third-party shippers are so cost effective!" Unbelievable.

Posted by: shortstop on June 8, 2006 at 11:34 AM | PERMALINK

America's millions of veterans don't really care about things like their identities being stolen, and you're only trying to exploit their so-called plight to make it look like you don't actually hate the military. If you REALLY loved our soldiers, though, you'd be taking substantive action like sending them off to as many wars as possible and then putting a yellow-ribbon sticker on the back of your SUV. Constantly putting our soldiers' lives in harm's way exposes them to multiple real-world combat experiences and shows them that you care about them remaining the most able fighting force on the planet, and they consider it thanks enough. Worrying about stuff like identity security and veterans' benefits that only come into play AFTER they return home from the combat theater is just so much left-wing posturing.

Posted by: American Hawk's stand-in on June 8, 2006 at 11:39 AM | PERMALINK

I hear there will be a big court case out of this and if it's anything like the recent Wen Ho Lee verdict then the government will pay dearly.

As the Vichy democratic appeaser party that is full of dead wood ( Like Kevin Drum ) doesn't seem interested in investigations maybe court cases are all that's left to hold the state accountable?

Say it aint so Steve.

Posted by: professor rat on June 8, 2006 at 11:41 AM | PERMALINK

...but, but, but...Abu Musab al-Zarqawi is dead. Democracy is on the march.

BTW one can guess that al-Zarqawi had a few moments where he wished he had used Osama's conference planner.

Posted by: Keith G on June 8, 2006 at 11:43 AM | PERMALINK

DBL: What's shocking is that the government employee who brought the files home has not been fired.

Nothing at all shocking about it.

The only protection a governmental employee needs in the Bush administration is incompetence, dishonesty and corruption.

Those three things will get you promoted, not demoted or fired, in this administration.

Posted by: Advocate for God on June 8, 2006 at 11:46 AM | PERMALINK

Calm down, folks. It will be okay. You didn't complain like this when your own data was "stolen" from banks all over America. It is nice that you care about our vets but the VA data is going into our ultra-secret ultra-secure bunkered databanks even as you blog, it isn't going anywhere else. Same as yours did. If you actually took the time to breath you would see none of the personal information we have "gathered" has been leaked or sold or done any of our citizens harm. Yes there have been the random firing but really, even they are rare. Go back to complaining about Bush. We know what we are doing. It will be okay.

Posted by: Data Hor on June 8, 2006 at 11:56 AM | PERMALINK

As a veteran affected by this fuckup, I got my letter yesterday, and a DBA in charge of administering personal data, I can say I am bullshit about this. I cannot for the life of me figure out why someone would need to have my data on a laptop outside the office. I left the army 30 years ago and have not been near it since. Why they would even need my data other than in an archive is beyond me.

I heard that the DBA in questions supervisor was a political hack with no computer experience. Can anyone confirm that! Does not excuse the SOB but does put it into perspective!

Posted by: mat1492 on June 8, 2006 at 12:05 PM | PERMALINK

You didn't complain like this when your own data was "stolen" from banks all over America.

is this your first time at this blog ? financial data security is one of Kevin's favorite topics.

Posted by: cleek on June 8, 2006 at 12:10 PM | PERMALINK

What's shocking is that the government employee who brought the files home has not been fired. Oh well, that's the advantage of having a government work force with lots of civil service/union protections.

DBL, whats shocking is thatyou do not remember your U.S. history: Jackson and the spoils system; the Garfield assassination to name a few topics.

Not that long ago one of my uncles got fired when the Republicans took over his county in Ohio. He was a county road and sign inspector and a Democrat.

DBL, there is a process. If that guy is still on the job he is at home pending a review and final hearing. His desk has been emptied, his keys, ID, and computer access are gone. As is his pension, sure enough.

This system, imperfect, was designed to give some measure of protection to the innocent from bullying politicos.

Posted by: Keith G on June 8, 2006 at 12:13 PM | PERMALINK

Hey, mat1492: What kind of letter did you get? I'm a vet also, and I haven't heard anything from the VA, though I assume I'm in the pool of those potentially affected (that'd be pretty much everyone who was in the service since the Korean War or earlier, wouldn't it?)

Posted by: sglover on June 8, 2006 at 1:18 PM | PERMALINK

This story made my blood curdle, because I work with this sort of data daily. I don't slosh it about as this fellow seems to have done, but still... It's fairly clear at this point that what was lost was an eligibility file. Just a list of names, when they became eligible, address, SSN and similar. It's something you need to do any sort of work with health care data, which uses SSN heavily. We don't need new laws... HIPAA covers this nicely.. this was personally identifiable information. It shouldn't have been on a laptop, but it isn't all that surprising, either. Eligibility files are fairly small (compared to the claims data). A screw up, certainly, but there is nothing surprising about it to me. This kind of administrative data is everywhere. The scandal here, as far as I'm concerned, is the state of the Social Security number. Knowing someone's name, address and ID number should not be enough information to secure credit. The problem is with the idiotic banking system that makes even such trivial information dangerous, far more than one careless data monkey. There will always be careless data monkeys.

Posted by: boring on June 8, 2006 at 1:56 PM | PERMALINK

Lot's of military types and their admirers (unaccountably) still like and support Bush/Co. - or used to. Maybe this will finally wake them up and send those approval ratings into the lower 20s and beyond.

Posted by: Neil' on June 8, 2006 at 1:57 PM | PERMALINK

Hi sglove. I got a nice little form letter with a list of FAQ's about the data loss. It is my understanding that it only effects those vets disharged after 1975. I was discharged in 1976.

Posted by: mat1492 on June 8, 2006 at 2:07 PM | PERMALINK

I saw that story yesterday...but then when I was asked what the good Senator had been referring to today I couldn't remember due to the overabundance of applicable incompetences, illegalities, and downright backdoor political wheeler-dealing going on by the King's Men.

Posted by: parrot on June 8, 2006 at 2:16 PM | PERMALINK

There's overwhelming evidence of cronyism and incompetence by the Bush Administration -- but a nitwit civil servant taking files home on his laptop and then getting robbed is not among it. Let's face it, anybody can hire a stupid employee, and a careless clerk is not exactly a new phenomenon.

Nor does it seem that weird that they can't figure out exactly what was taken - IIUC, the data weren't just copied, they were actually removed. Since they guy wasn't supposed to have it at all, he didn't sign it out, so how could they tell just what was on there?

I don't think people are being reasonable.

Posted by: trilobite on June 8, 2006 at 2:42 PM | PERMALINK

trilobite,

Pardon me but you have no clue what you are talking about.

Assuming that you are correct and some careless clerk was able to not only copy sensitive data but to actually remove the data (along with any backups) from the server then the VA has a LOT bigger problem then a single stupid employee.

Anyone who has any experience with data keeping at all knows you must have procedures in place to prevent justthis sort of thing.

You provide access only to those with a need to have it and you provide data backup so you can restore the data if needed.

Posted by: Tripp on June 8, 2006 at 3:03 PM | PERMALINK

My wife worked a GS13 job at the VA that involved confidential patient data. Her department was continually being asked to cut its budget by yet another 10%. When people left her department, they were not replaced (deliberately so), and she had to take on their workload. Eventually, she quit.

If the Dems want to tie this lapse to the administration, then why aren't they screaming about the budget cuts and the VA's policy of thinning the ranks through deliberate attrition? When you're saddled with more work than you can handle because your employer won't hire enough people to do the job, you take stuff home and finish it after hours.

I'm not excusing the security breach, but let's not neglect the politically driven policies at the top that may have contributed to it.

Posted by: Lionel Hutz, attorney-at-law on June 8, 2006 at 3:03 PM | PERMALINK

mat1492: I heard that the DBA in questions supervisor was a political hack with no computer experience.

Since virtually everyone in the administration, or appointed by the administration, can be thus described, this is really no surprise.

Good luck, though, avoiding identity theft.

I wouldn't wish that on hardly anyone.

Although I hear Cheney stole Bush's identity and refuses to return it and I really can't work up any enthusiasm to feel sorry for the bloke.

Posted by: Advocate for God on June 8, 2006 at 3:09 PM | PERMALINK

If the Dems want to tie this lapse to the administration, then why aren't they screaming about the budget cuts and the VA's policy of thinning the ranks through deliberate attrition?

Well that just gets at the question of why the Dems can't be a more effective opposition party. Damn good question; wish it had a solution.

Posted by: cyntax on June 8, 2006 at 3:13 PM | PERMALINK

Kriz,

You are a flamming idiot!!!

Posted by: Clinton Era on June 8, 2006 at 3:31 PM | PERMALINK

'Kriz,

You are a flamming idiot!!!
--Clinton Era

I have never made flam in my life.

Posted by: Stephen Kriz on June 8, 2006 at 3:34 PM | PERMALINK

Thanks AG.

I have been pondering the odds of my identity being stolen from this fiasco. They obviously cannot steal all 25 million identities, or can they. Therefor only a subset of this total will be stolen. So I have a 1 out of 25 million chance that I will be one of them. With my luck I will be the first one! :) (Yes I know that the actual odd calculations are much more complex than this so dont spam me)

Posted by: mat1492 on June 8, 2006 at 3:36 PM | PERMALINK

I have been pondering the odds of my identity being stolen from this fiasco. They obviously cannot steal all 25 million identities, or can they. Therefor only a subset of this total will be stolen. So I have a 1 out of 25 million chance that I will be one of them. With my luck I will be the first one! :) (Yes I know that the actual odd calculations are much more complex than this so dont spam me)

As far as anyone knows, the actual data could have been wiped by whoever ended up with the laptop.

Incidentally, the Montgomery County (Maryland) sheriff's department is offering a $50,000 reward, no questions asked, for the laptop. Which makes the economics of federal laptop boosting look damn appealing.....

Posted by: sglover on June 8, 2006 at 3:46 PM | PERMALINK

"They obviously cannot steal all 25 million identities, or can they."

They could sell the information to big-time players like the Russian mafia if they had the connections.

Posted by: cowalker on June 8, 2006 at 5:13 PM | PERMALINK

You provide access only to those with a need to have it and you provide data backup so you can restore the data if needed.
Posted by: Tripp

Really. This is Data Storage 101, really basic stuff. These records should be encrypted and password protected so that, even if some dipstick employee takes them home, "burglars" wouldn't be able to access them (at least not easily).

This story stinks. Either the VA is woefully incompetent (and that is not a far-fetched possibility), or it's an inside job.

Posted by: MeLoseBrain? on June 8, 2006 at 5:14 PM | PERMALINK




 

 

Read Jonathan Rowe remembrance and articles
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for Free News & Updates

Advertise in WM



buy from Amazon and
support the Monthly