Retired Military

Breach of Trust Undermines Active & Retired Military
By Diane M. Grassi

On the 62nd anniversary of D-Day, June 6, 1944, when the United States Armed Forces as part of the Allied Forces including Britain and Canada, landed on the beaches of Normandy, France and helped free France and much of Europe from the strongholds of Nazi Germany, there is no better time than to remember the sacrifices of all U.S. military members and their families. And such sacrifice should serve as a reminder that it is the absolute obligation of the U.S. government and its people to not only honor their memories, but to assure them the security of their most vital information, either while still serving in the armed forces or as retired military.

However, all U.S. veterans discharged after 1975 learned just prior to Memorial Day 2006 that their most crucial personal information from the Department of Veterans Affairs had been stolen and still remains in the public domain. Since the revelation, announced by Secretary of Veteran’s Affairs, R. James Nicholson, on May 22, 2006, that names, dates of birth, Social Security numbers, including phone numbers and addresses had been stolen on as many 26.5 million service members and some of their spouses, such information did not even include the total amount of information or number of other service members’ information that has since been discovered.

It all started when on May 3, 2006 a 30-year career senior-level information technology specialist in the Office of Policy of Veteran’s Affairs (VA) was in violation of security procedure. He took home a laptop computer, which belonged to the VA. He had been working on an annual study about veterans’ demographics. It was also revealed that unbeknownst to his supervisors that he had been doing such for three years, including downloading unencrypted information from his home.

The laptop contained a hard drive with the information and he also took home computer disks and a flash memory stick. The employee reported the purported break-in of his Aspen Hill, MD home to the local Montgomery County police in addition to Michael H. McLendon, VA Deputy Assistant Secretary for Policy of the theft shortly after it occurred. Law enforcement considers the theft to be a random burglary, but its ramifications of the theft represent the largest personal identification breach which includes Social Security numbers, in U.S. history, in either the public or private sectors.

Also, the timeline of those in the chain of command at the VA has only added to increased criticism of the questionable and lax fundamental security at the VA, documented for at least five years. On May 5, 2006, Dennis M. Duffy, Acting Assistant Secretary for Policy Planning and Preparedness was told of the theft. On May 9, 2006 Duffy then informed VA Chief of Staff Thomas Bowman, and suggested that senior management notify veterans that security on their information had been compromised. But Bowman waited until May 10, 2006 to inform Deputy Secretary Gordon Mansfield, the VA’s No.2 official. Neither Duffy nor Mansfield advised Secretary Nicholson until May 16, 2006. VA Inspector General, George Opfer, testified on May 25, 2006 before the House of Representatives Committee on Veteran’s Affairs, the Senate Veteran’s Affairs Committee as well as the Senate Committee on Homeland Security and Governmental Affairs, stating that “while attending a routine meeting at the VA’s Central Office, heard another Information Security Officer that a VA employee’s home had been burglarized and that VA electronic records may have been stolen.” Obviously IG Opfer was spared the information as well.