More good news about the care given to our GIs and Vets – will it ever end? Make you feel good all over, doesn’t it?

http://www.armytimes.com/news/2008/06/ap_walterreed_data_060208/

Walter Reed: Data breach at military hospitals
By Jennifer C. Kerr - The Associated Press
Posted: Monday Jun 2, 2008 17:52:12 EDT – Army Times Online

WASHINGTON — Sensitive information on about 1,000 patients at Walter Reed Army Medical Center and other military hospitals was exposed in a security breach, sparking identity theft concerns and an investigation by the Army.

Names, Social Security numbers, birth dates and other information was released, hospital officials said Monday. The computer file that was breached did not include information such as medical records, or the diagnosis or prognosis for patients, they said.

The disclosure marked the latest in a series of breaches of government computer records.

Walter Reed officials declined to explain exactly how the information was compromised, pending an ongoing investigation by the hospital and the Army. They would only say that the computer file was found on a “nongovernment, nonsecure computer network.”

The medical center learned of the breach May 21 from an outside data mining company, which officials did not identify. They said the company was working for another client, found the file and contacted Walter Reed.

The hospital said it is working to notify all of the people named in the data file. Letters or e-mails were being sent out, beginning Monday. Officials declined to say how many patients were from Walter Reed and how many were from other military hospitals.

The chairman of the House Armed Services Committee, Rep. Ike Skelton, D-Mo., said he wants to hear from the Army about its investigation.

“It’s very troubling when private data is inappropriately released,” Skelton said. “We must ensure that personal information is protected and prevent any future compromise of patient records.”

Walter Reed plans to offer free credit protective services to patients whose information was revealed.

The hospital also has set up a toll-free hot line for people to call to see if their information was disclosed at (877) 854-8542, ext. 9.

The federal government has been stung by a rash of data breaches in recent years.

• At the Agriculture Department, a hacker broke into the computer system in June 2006 and may have obtained names, Social Security numbers and photos of 26,000 Washington-area employees and contractors.

• The Veterans Affairs Department acknowledged a massive breach in May 2006 in which personal data on up to 26.5 million veterans was lost.

• At the Health and Human Services Department, personal information for nearly 17,000 Medicare beneficiaries may have been compromised in early 2006 when an insurance company employee called up the data through a hotel computer but didn’t delete the file.

• At the Energy Department, Social Security numbers and other data for about 1,500 people working for the National Nuclear Security Administration may have been compromised when a hacker gained entry to its computer system in 2005.

Just my 2cents; but with just about everything relating to health care dependent on the SSN of the sponsor then no one, retired or active duty is going to be truly safe from having their information broadcast to the the world sooner or later.

Two points, number one, AGAIN!
Number two, if we went back to each member having a service number instead of using their social security number, then we wouldn't have this problem.
It's a simple solution, to a complex problem of identity theft...
Respectfully, SUNLINER81

Here is what the government thinks is the answer – sounds like a laundry mark to me.

Here is what the government thinks is the answer

Military IDs to List Only Four Digits of SSNs

http://www.military.com/features/0,15240,168336,00.html

Stars and Stripes | Charlie Reed | May 22, 2008
When Social Security numbers were essentially worthless, they used to be stitched and spray-painted on troops� duffel bags.

Now that identity thieves can parlay the numbers into thousands of dollars or more, the Department of Defense is trying to make them invisible. And not just to the naked eye.

The DOD recently announced it will begin truncating Social Security numbers on military identification cards in December. Only the last four digits of the number will appear on the card. Along with limiting their visibility, military agencies are also moving toward using the shortened versions when sharing records.

The plan is part of a bigger federal fight against large-scale cyber crime rings.

"Data breach, that�s been the focus of our attention," said Mary Dixon, director of the Defense Manpower Data Center, a DoD clearinghouse for personnel and training databases in Arlington, Va. "Many more people have been affected that way."

Incidents such as the 2006 Veterans Affairs Department flap � in which the sensitive records of millions of veterans were compromised when an employee�s laptop was stolen � are driving the effort, she said.

It�s being accomplished by constantly enhancing computer network security, vetting information handlers more often before trusting them with sensitive records, encrypting more data and steering away from tying Social Security numbers to as many personal records, Dixon said.

The measures are not unique to the military.

"This is something the whole government is trying to do," said Betsy Broder, an ID-theft expert with the Federal Trade Commission.

A presidential task was established in 2006 and incorporates 17 federal agencies in an effort to reduce ID theft both in the public and private sectors, said Broder, assistant director of the division of privacy and identity protection at the FTC, which tracks ID-theft data used by local, state and federal law enforcement authorities.

Before the Internet revolution increased the reach and ease of communication and commerce, stealing someone�s identity was more difficult. That�s changed in recent years with the proliferation of online public records systems, search engines and other sources of official and unofficial documents floating around cyber space.

"Technology has made it much easier for ID thieves to ply their trade," and has led to a wholesale information black market that criminals use to sell, buy and trade large amounts of sensitive data, Broder said.

The Social Security number is often the key to breaking the code into someone�s financial, medical and other personal records. What�s more, the number and the name attached to it are often all that�s needed to fraudulently open a line of credit or buy property.

Rolled out in 1937 to implement President Franklin D. Roosevelt�s government welfare program, Social Security numbers have evolved into much more and are now required for getting a job, securing insurance, buying a house and paying taxes.

"If [Social Security numbers] were only being used for the purpose they were designed for we wouldn�t have this discussion," Dixon said. "But everybody uses the Social Security number for everything."

That�s why it will take the military until the end of 2009 to remove the full Social Security number from all 8.2 million ID cards currently issued worldwide. The phase-in will give time to process all the new cards that will have to be issued, plus, more importantly, time for military agencies that have built their records and operations systems around the nine-digit numbers time to change the way they do business, Dixon said.

"It�s not difficult technically. The software is easy, but everyone who uses the Social Security number is going to have to prepare for a big change, and that takes a little bit of time," she said.

Protect your identity and credit information

Place an "active-duty alert" on your credit before deploying by contacting at least one of the three major credit reporting companies � Equifax, Experion and TranUnion. One company will contact the rest. The alert requires creditors to verify servicemembers� identities before issuing lines of credit in their names. It also removes their names from the nationwide consumer reporting companies� marketing lists for prescreened credit and insurance offers for two years.

Get a copy of your credit report annually to check for any irregularities. The Fair Credit Reporting Act requires the three companies provide the information for free at least once a year. If you discover anything out of the ordinary, contact the companies and report the incident to base police and the Federal Trade Commission.

Don�t delay in correcting your records and contacting all companies that opened fraudulent accounts. Make the initial contact by phone, although you will normally need to follow up in writing. The longer the inaccurate information goes uncorrected, the longer it will take to resolve the problem.

More information on the Web at: www.ftc.gov/idtheft
Source: Federal Trade Commission.

quote:

Originally posted by SUNLINER81:
Two points, number one, AGAIN!
Number two, if we went back to each member having a service number instead of using their social security number, then we wouldn't have this problem.
It's a simple solution, to a complex problem of identity theft...
Respectfully, SUNLINER81

Amen, SUNLINER. I still remember mine (both of 'em) AND my Dad's! Come to think of it, that was another foiler: if you went from enlisted to ossifer, you got a new serial number, which is why I had two.

quote:

Originally posted by Cider33Alpha:

quote:

Originally posted by SUNLINER81:
Two points, number one, AGAIN!
Number two, if we went back to each member having a service number instead of using their social security number, then we wouldn't have this problem.
It's a simple solution, to a complex problem of identity theft...
Respectfully, SUNLINER81

Amen, SUNLINER. I still remember mine (both of 'em) AND my Dad's! Come to think of it, that was another foiler: if you went from enlisted to ossifer, you got a new serial number, which is why I had two.

I agreed with Sunliner the other day when he suggested we go back to using serial numbers. It just plain makes sense! Which is probably why we won't.

Here we go again...

Every time this happens, I get a very apologetic letter ("... we deeply regret ... take your privacy seriously ... blah de blah de blah ...") and, on the plus side, a year's worth of free credit reports.