Thursday, May 6, 2021

Veterans Seek Billions in Data Breach Suit

WASHINGTON – Angry veterans aren’t waiting for Congress to take action over the recent Veterans Administration loss of 26.5 million personal records of veterans.

Tuesday afternoon, a coalition of veterans groups filed a class action lawsuit demanding the VA name those who are at risk for identity theft. The suit seeks $1,000 in damages for each person, a payout that could reach $26.5 billion.

According to the lawsuit, the VA’s loss of the records violated both the U.S. Privacy Act and the Administrative Procedure Acts.

“It is appalling to all veterans that their personal information — information that is supposed to be held in confidence — is potentially in the hands of individuals who can wreak identity-theft havoc,” John Rowan, the national president of Vietnam Veterans of America and a plaintiff in the lawsuit, said in a statement.

Other veteran groups backing the lawsuit include the National Gulf War Resource Center, Radiated Veterans of America, Citizen Soldier and Veterans for Peace.

The lawsuit also seeks a court order to prevent the VA from any further use of veterans’ data until a court-appointed panel of security experts determines appropriate safeguards to prevent future data breaches.

“This lawsuit seeks to insure that no harm will come to veterans as a result of this theft, and that such an incident can never occur again,” Rowan said.

In late May, the VA disclosed it had suffered the second largest known data breach in U.S. history and the largest Social Security numbers breach ever.

The breach occurred when a VA employee violated agency policy and took a laptop with the records on it home, where it was stolen in a burglary.

“The VA has been criticized for years about lax information security and that includes criticism from the VA’s own Inspector General. The VA still hasn’t properly secured all the personal information under its control,” Rowan said.

He added: “We hope this lawsuit will help Secretary [Jim] Nicholson correct the known vulnerabilities in how the VA protects private information.”

The breach sparked new interest in Congress to pass data protection and disclosure laws.

While more than 10 bills were introduced in the aftermath of the ChoicePoint data breach 17 months ago, neither the U.S. House or Senate has been able to actually pass a measure.

The legislation has bogged down over issues of just exactly what is the trigger to publicly disclose a data breach. Should it be a “reasonable” or “substantial” threat to result in identity theft?

This article was first published on InternetNews.com. To read the full article, click here.

Similar articles

Latest Articles

What is Raw Data?

By itself, raw data doesn’t look like much or mean much, but it has the potential to be processed for analysis.  Processed data comes from...

What is Data Analysis?

Everything measurable that has happened, is happening, and will happen in a business can be boiled down to data. But not all data is...

IBM Begins Cloud Confidentiality...

IBM has positioned its cloud offering against the unique security, compliance and confidentiality needs of specific vertical markets with a sharp focus on finance...

Top Big Data Certifications...

The term Big Data reflects a very real growing trend. By 2020, every human will be generating an astounding 1.7 MB per second. That...