DOD data center worked overtime on stolen personnel files

Featured eBooks
Next-Generation Computing
Read Now

Space Tech

Read Now

Cyber Workforce

Read Now
Insights & Reports
Data Storage To Meet Every Need, All Powered By ONTAP
Presented By TD SYNNEX
Download Now
Strengthening Government Resilience: Securing the Future of the Federal Workforce
Presented By Cornerstone OnDemand
Download Now
By Bob Brewin

By Bob Brewin

|

Data specialists spent last weekend sifting through records to determine that the missing Veterans Affairs database also contained info on active-duty personnel.

The Defense Manpower Data Center (DMDC) worked during the past weekend to determine that a stolen Department of Veterans Affairs database, which contained sensitive personnel information on 26.5 million veterans, also contains information on as many as 1.1 million active-duty personnel, a DOD spokesman said.

Army Lt. Col. Jeremy Martin, a Pentagon spokesman, said the VA informed DOD June 1 that the stolen database may have included information on active personnel.

DOD then asked the VA to transmit an original of the file stolen from the home of a VA data analyst May 3 to DMDC. That file, Martin emphasized, was encrypted and then transmitted over a secure link from the VA to DMDC.

DMDC employees then worked over the weekend to compare records in the VA file with records of active-duty and reserve personnel and determined that records for as many as 1.1 million out of 1.4 million active duty-personnel may have been included in the stolen VA database, Martin said.

He added that records on 430,000 members of the National Guard and 645,000 members of the Reserves -- or roughly 90 percent of Reserve and Guard personnel -- may have been on the stolen database.

Martin said DMDC employees worked over the weekend because “responding to the compromise of service personnel’s information was an urgent priority and required immediate attention.”

Once DMDC completed its work, DOD informed the VA June 5, and VA Secretary Jim Nicholson announced the latest fallout from the data theft June 6, which has consumed the agency since it surfaced in late May.

The VA “committed to providing updates on this incident as new information is learned,” Nicholson said. The department is working with DOD to notify all affected personnel.

Nicholson said the VA is in discussion with several entities to provide credit-monitoring services for active-duty and military personnel potentially at risk from the data theft.

David Rubinger, a spokesman for Equifax, a large credit-reporting service, said the company has not received any such request from the VA, but added that individual fraud alerts by veterans has spiked ever since the VA announced the theft.

Martin said DMDC is still comparing its files with the VA database, a process which it should complete by the end of the week, at which time the center could determine a smaller number of records are at risk from the VA data theft. Martin said the number of records at risk from the theft could lower, but it will not increase.

NEXT STORY: DHS doesn't take cyberattack threats seriously, former IG says