The Veterans Administration agreed on Tuesday to paying $20 million to veterans who were potentially exposed to identity theft arising out of a data security breach in 2006 of their personal identifiable information. This currently is the largest data breach in U.S. government history, and occurred when a VA employee wanted to take their laptop home to do some work. The VA analyst admitted that he had lost the laptop, and external hard drive, containing the names, date of birth, and Social Security Numbers of up to 26.5 million veterans and active-duty personnel.
In court filings Tuesday, lawyers for the VA and the veterans said that they had reached a settlement in a class action lawsuit originally filed by five veteran groups alleging invasion of privacy. The money, which will come from the U.S. Treasury, will be used to pay veterans who can show they suffered actual harm, such as physical symptoms of emotional distress, or expenses incurred as a result of credit monitoring. Ever since the breach was disclosed, the federal government has gone to expensive lengths to institute standard practices and policies around protecting mission-critical data. Has the wave of class actions begins to build, corporations and governmental agencies would be advised to implement stricter standards for information protection.
Data loss prevention strategies can be costly for organizations to implement, but there are certain safeguards that can be implemented that are not so cost prohibitive. Administrative controls, as well as, technical controls should be considered when developing a cyber-security program.
Also, in response to a Ponemon Institute survey, half of IT security professionals, and a quarter of IT operations experts see cyber-thieves as their biggest concern with 92% of the respondents reporting that they had suffered some form of a cyber-attack. The FTC also stated that consumer complaints regarding Internet-related fraud are on the rise. This has prompted the Department of Justice to aggressive go after cyber-criminals using new legislation that will allow them to better prosecute the criminals and compensate victims.
To read the full article about the Department of Justice’s response to the increase in cyber-attacks, please click here: Feds Ready to Tackle Cyber-Crime