Protect those who protect us!
(hat tip to Cathy)
As reported on Stryker Brigade News, King5.com and thenewstribune.com, a laptop containing the personal information of 800-900 soldiers from the 4/2 has been stolen. The theft reportedly happened somewhere between the late hours of July 3 and the early morning hours of July 4 when (presumably from the information I read) a civilian employee of the Army took the laptop home and did NOT secure the truck where the laptop was left. The employee is reported as saying that there was no classified or top secret information on the computer. I understand the difference between classified and top secret information. The information of possibly more than 800 of our soldiers should most certainly be treated as at least highly sensitive.
After 14-months of working in the Surge in Iraq the soldiers in the 4/2 deserve a heck of a lot more consideration than someone leaving their personal information in an unlocked vehicle.
Ft. Lewis officials issued the following statement about the theft:
“The Army takes security of personal information extremely seriously, and we are investigating this incident fully. However, it is apparent that Army standards and policy regarding protection of this information were not followed, and we are making immediate changes to step up enforcement of these policies to prevent this from happening again. We know what information may have been compromised, and we have already begun the process of notifying the appropriate Soldiers. We are also committed to working with local authorities to pursue prosecution to the maximum extent possible if these Soldiers’ information is misused.”
I really hope that a lot is learned about this incident. It’s not the first time that Veterans’ have had this scare, but there is not a single excuse for this to ever happen again. If I had ever been this reckless with information when I was working in a social work position I would have been sued (and rightfully so). The Army has to address this problem in a way that ensures it will never happen again. Securing the personal information of our soldiers should be treated as a top priority.
I leave you with this thought. If the company LifeLock can guarantee civilians identity theft protection to sum of a $1,000,000 should a theft occur on their watch, why can’t we offer the exact same protection for all of our soldiers and veterans?
No mention as to whether the data was encrypted and password protected.
As the encryption and protection of sensitive data is a mandatory requirement of the holders of classified information, I doubt that the loss of the ‘puter will cause much damage.
However, if the person in charge of the unit didn’t follow protocol, then the fertilizer may have contacted the rotary oscillator (as they say in the word of Spookdom).
Also be wary of LifeLock. There is always a backdoor in any system, and an IT person knows where it is. If LIfeLock whizzes off the wrong guy, he’ll depart with all the data and sell it to the highest bidder. he company is already swirling with controversy:
“A man who stole the identity of LifeLock co-founder Todd Davis won’t face criminal charges, police say, because LifeLock stepped in before the police could finish investigating the crime and coerced the suspect into making a videotaped confession that isn’t admissible in court.”
“Davis, you’ll recall, publishes his Social Security number on LifeLock’s web site and in the company’s TV commercials to demonstrate how effective the company is in protecting the identity of its customers. Back in June I disclosed that Davis himself had become a victim of identity theft after someone used his Social Security number to obtain a $500 loan. The news only added to the scrutiny and criticism the company was already facing over the questionable background of its other founder Robert Maynard, Jr., who subsequently resigned amid that other controversy.”
Read more here from Wired.com
http://blog.wired.com/27bstroke6/2007/07/police-say-life.html
I didn’t realize that lifelock had those problems.
I would imagine that the laptop had a password. That is usually pretty standard I would think and hope — if nothing but to keep separate accounts on the computer. I don’t understand though how they could let anyone leave the base with that kind of information. You know what really scares me… we know that there are terror cells here in this Country. I don’t trust our enemies in the least, and they would love to have this kind of information. I don’t know. It just feels horrible. I remember just a few years ago when a lot of Vets had their medical records compromised. It just feels inexcusable to me. Maybe I am having a knee jerk reaction because of my training. Seriously. I could have been sued for simply acknowledging a client in public. Information was treated as more valuable than gold, especially personal information like name, social, addresses, etc.
Al beat me to this one! :-)
Lifelock ran into some interesting issues. …
I do hope they had some level of encryption and password protection on the missing laptop, though. I’m concerned if the employee brushes it off as ” there was no classified or top secret information on the computer”
That’s no excuse for letting a laptop get stolen… !
Piper, I have to wonder if he would have felt so confident about that if his private information was on that laptop. Maybe that’s the key! Since the times this has happened it has been that an employee has been careless with a laptop… maybe we should make them put their own personal information on the laptop. I bet they might be willing to protect it a little better than leaving it in an unlocked car.