More VA data stolen

Unisys computer contained hundreds of thousands of unencrypted records.
Written by ZDNET Editors, Contributor

There's been another data theft at the Veterans Affairs Department, Government Computer News is reporting. A desktop computer was stolen from a Unisys, a VA contractor, and the FBI and local law enforcement are investigating.

Unisys said the desktop computer contained billing records with information for veterans who sought treatment at two VA medical centers, one in Philadelphia and one in Pittsburgh. The information includes names, address, Social Security numbers and dates of birth. It does not include personal financial information.

"The data were used only for insurance collections management purposes and may include insurance carrier and billing information as well as claims data with some medical information," Unisys said in a statement.

"Twice in three months our veterans' personal information is found in peril. Decisive action must be taken now to install the necessary security protocols and prevent future breaches," Rep. Frank LoBiondo said in a statement.

Unisys notified VA Aug. 3 that the computer was missing from its Reston, Va., offices. VA immediately dispatched a team to Unisys to assist in the search for the missing computer and to help determine the precise nature of the information it may have contained.

Unisys had observed security controls, but there was not a requirement to encrypt the data, said Unisys spokeswoman Lisa Meyer.

“The building and floor where the computer was located require security protocols for physical access. Log-in and password protocols also were required to access the data, which were stored in a database on the computer,” she said.

"Unisys takes very seriously its responsibility to safeguard individuals' personal information and shares the concerns this incident will cause," the company said. It will also work with VA regarding the notification of potentially affected veterans and the offer of credit monitoring.

Editorial standards