2 Young Scalawags Charged in Veteran Data Theft

Nineteen-year-old Jesus Alex Pineda 19, and Christian Brian Montano were charged Saturday in the left of a laptop containing 26.5 million veteran’s records.

The laptop contained unencrypted names, SS numbers and birthdays of millions of service members, both veteran and active.

The Veteran’s Affairs snafu was the largest data breach in federal government history, but that’s new to its perps, who were both wanted in conjunction with multiple other robberies.

“As far as we can determine, this was a random burglary,” Montgomery County Police Chief Thomas Manger said at a news conference. “They did not know what they had.”

VA announced plans to fire the analyst, Wayne Johnson, 60, who took the laptop home. Johnson has worked for the department for over 30 years and is challenging the dismissal.

Kids, they don’t got no respect for they elders these days.

UPDATE: Yet another Veteran’s Affairs computer containg 38,000 records has gone missing…

Comments

Edit Your Comment

  1. Pelagius says:
  2. Fired? Good.
    They have a policy on what data can leave the premises, right?

  3. Ishmael says:

    Companies don’t give their employees laptops if they expect that employee to only be working in the office. Desktops are much cheaper for that purpose. However, he was a fool for not encrypting the data. I work at home for a large health insurance company. While my work computer contains no personal information on the hard drive, I still have to keep the thing heavily encrypted just in case someone broke into my home and lugged the heavy bastard off. You can’t even log into the member database without two different passwords.

    My opinion is that the VA is firing this guy as a PR move, and is really doing him wrong. They should have provided him with tools to encrypt his laptop, and he should have hollered until they did. This isn’t grounds for his dismissal.

  4. Morgan says:

    It was my understanding that the data was encrypted and that the thieves hadn’t accessed it… or am I confusing this with one of the other lost data stories?

  5. Ben Popken says:

    Morgan: The thieves hadn’t accessed it but the data ended up being UNencrypted.

  6. Elvisisdead says:

    Ishmael,
    You severely overestimate the power of a user in any enterprise – especially a government one, and ESPECIALLY the VA. That man used the equpiment that was given to him. He has to know what encryption is and how to use it before he can ask for it. Even if he asks for it, someone has to be in the position to give it to him.

    Two different passwords does not encrypted make. Are you running any disk encryption? How about secure deletion of files? What standards does your “encryption” comply with? NIST? DoD? NSA? How about two-factor authentication where one factor isn’t on the computer itself? Maybe something like a SecurID? Or is it just two passwords?

    The OMB circular regarding the requirements for sensitive data is here: http://www.whitehouse.gov/omb/memoranda/fy2006/m06-16.pdf<…