Posted on 06/23/2006 8:59:49 PM PDT by Libloather
Sailors' Social Security nos. on Web site
By LOLITA C. BALDOR, Associated Press Writer
55 minutes ago
Sailors man the rails as the amphibious transport dock USS Nashville (LPD 13), an element of the amphibious assault ship USS Iwo Jima Expeditionary Strike Group (ESG), departs Naval Station Norfolk in Norfolk, Virginia, June 6, 2006. Personal data on 28,000 U.S. sailors and their families appeared on a public Web site this week, the Navy said on Friday, marking the latest in a string of data breaches involving American military personnel. (Matthew Bookwalter/U.S. Navy/Handout/Reuters)
WASHINGTON - The Navy has begun a criminal investigation after Social Security numbers and other personal data for 28,000 sailors and family members were found on a civilian Web site.
The Navy said Friday the information was in five documents and included people's names, birth dates and Social Security numbers. Navy spokesman Lt. Justin Cole would not identify the Web site or its owner, but said the information had been removed. He would not provide any details about how the information ended up on the site.
Cole said there was no indication so far that the information was used illegally, but individuals involved were being contacted and encouraged to monitor their bank accounts and credit cards.
Meanwhile, the General Accountability Office said it removed archival records from its Website this week containing some personal identifying information of fewer than 1,000 government workers. The data included some individual names and Social Security numbers.
The breach regarding the Navy comes amid a rash of government computer data thefts, including one at the Agriculture Department earlier this week in which a hacker may have obtained names, Social Security numbers and photos of 26,000 Washington-area employees and contractors.
As many as 26.5 million veterans and current military troops may have been affected by the theft of a laptop computer containing their Social Security numbers and birth dates. The computer was taken from the home of a Veterans Affairs Department employee in early May, and officials waited nearly three weeks before notifying veterans on May 22 of the theft.
As many as a half dozen federal agencies have been affected by computer data losses in recent months.
In a letter Friday to Defense Secretary Donald H. Rumsfeld, one member of Congress asked for details on the Navy incident, and questioned whether the Defense Department will make sure a free credit help is provided for those affected.
U.S. Rep. Edward Markey, D-Mass., said he had asked Rumsfeld two years ago about the implications of federal agencies outsourcing data collection and processing activities. While there is no indication that outsourcing was the problem in the Navy case, Markey said he wants to know what effect that would have on the security of information on military personnel.
The Naval Criminal Investigative Service is investigating the breach. The initial discovery was made by the Navy Cyber Defense Operations Command, which routinely monitors the Internet for such problems.
The Navy said individuals can place a 90-day fraud alert on their credit reports, and provided information on companies to contact. Cole said there has been no decision made yet on whether the Navy will pay for credit monitoring.
Information on how to watch for suspicious activity can be found at the Navy Personnel Command's Web site, http://www.npc.navy.mil.
Wasn't that long ago that a whole lot of government issue credit card numbers were compromised because of lost data disks....by the issuing bank.
Perhaps you are correct. Not outsourcesing is the ultimate answer. But, like I said, feederal agencies are not yet capable of handeling the demand that are NOW. It would be ideal to have everything internal. Unfortunately, change in a federal agency requires time.
Sorry about the typos...I am not a great typist and its late for me.
There are very few mid-levels left who know technical stuff. And because they centralized, you went from agencies who had knowledgable people on staff who knew what was going on, to centralized groups thrown together, who might not know this from that, and the most knowledgable usually had their job positions eliminated, because this was now the job of the private sector contractor.
So you have non-technical upper level management making decisions not based on technical savvy, without knowing the intricacies, overseeing companies who are trying to get by with just enough so it keeps their costs down, and who have very little vested sense of loyalty; the management in charge have little idea what CAN go wrong, and the person who could have told them that when the outlines of the contract were put out no longer works for the agency, and is doing something else with his time.
And to fix it all, through trial and error is going to cost the taxpayers more in the long run, because once the department in an agency is disbanded, well, there's no going back, and the next time the contract is up for bid, the costs will go up because they will have added X, Y, and Z to it (which is because of the mistakes on the first contract), and you will still have the contracts being serviced by people who don't have any sense of loyalty to the agency, and don't really care, and more and more of the few people on board who actually know something and could tell you want was needed or how to deal with problem y are retiring or their positions are being eliminated, and thus management gets blamed.
Diseconomies of scale.
And because of the outsourcing, there are almost no middle-level people coming up through the ranks to replace the upper middle people who will be retiring.
This is just starting to happen.
You might not realize something is wrong until something happens, like a bad wildfire season, where there are not enough management teams to go around.
It will have at least some repercussions.
Three or four years ago they could have done it.
But now the situation is going to be messy, because they've lost too much infrastructure.
But I am reminded about a story about a military base. They had contracted a company to clear the streets when it snowed at this particular base.
One day, it snowed on a Sunday. The general, getting impatient for the snow plows to hit the streets called the contractor.
It wasn't written in the contract for them to work on Sunday.
They did not get their contract renewed.
I know what you mean. I'm a net admin at a hospital, and before we do the most trivial thing we ask, "what would HIPAA do" lol. I spent 2 months doing analysis of internal wire traffic on our network and found lots of openings that have been corrected with stronger encryption. HIPAA has been hell, but has brought about needed changes with regards to how data is handled. If I were a patient I would expect it.
I bet you wouldn't have to dig very far to find a Clintonista at the bottom of this.
Guys - it is past time to do away with the SSN for the military and go back to the old Service Number.
Yes, I do. It's from 1965 and reads: "For Social Security and Tax Purposes-Not for Identification."
"outsourcing data collection and processing activities"
Oh it gets worse than that.
We have Chinese and Indian engineers designing and sourcing critical integrated circuits and other electronics that our weapons systems depend on.
It says, "Not to be used for identification."
Contractors--awarded to the lowest bidder. You get what you pay for.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.