Veterans’ Data Appear Secure, FBI Says, After a Stolen Computer Is Recovered

Federal and local officials reported Thursday that they had recovered a laptop and external hard drive -- stolen May 3 from the Maryland home of a Department of Veterans Affairs employee -- that contained the Social Security numbers of more than 26 million veterans and their spouses.

“A preliminary review of the equipment by computer forensic teams determined that the database remains intact and has not been accessed since it was stolen,” the FBI said in a statement issued with the VA and the Montgomery County, Md., Police Department.

“A thorough forensic examination is underway, and the results will be shared as soon as possible.”

Officials said a tipster who had seen posters advertising a $50,000 reward contacted a U.S. Park Police detective he knew from “a previous relationship.”

“I don’t think the person knew that this laptop was the laptop,” said U.S. Park Police Chief Dwight Pettiford.

The Park Police in turn contacted the Baltimore office of the FBI, which sent the laptop to the bureau’s computer laboratory for investigation. FBI officials said the tipster had not been charged and probably was not the thief.

From the beginning, law enforcement officials have described the theft as a typical burglary, saying they did not think the VA data were targeted.

The news that the computer had been found brought cheers from members of Congress and from veterans, who have been on guard for indications of identity theft.

The news is “wonderful for veterans and active-duty personnel,” said Senate Veterans’ Affairs Committee Chairman Larry E. Craig (R-Idaho).

“We are all holding our breath now for the FBI forensic analysis, which we hope will confirm that the data has not been compromised.”

But the announcement did little to quell anger about the lapse in security that led to the unidentified VA employee taking home the material.

“The worst-case scenario may have been averted this time, but an even greater tragedy would be if this type [of] incident was allowed to happen again because of complacency in the workplace,” said Joe Davis, a spokesman for the Veterans of Foreign Wars. “Those who are entrusted with our nation’s secrets and the personal information of its citizens must be held accountable when they fail to do their jobs.”

And security experts said the recovery was unlikely to stem worries about identity theft, which the Federal Trade Commission estimates ensnares 10 million Americans a year in a lengthy ordeal to clear their credit records.

“Two years ago we advised people to shred their trash, but that’s irrelevant now,” said Bruce Schneier, chief technology officer for Counterpane Internet Security Inc.

“No one steals identities one at a time. They steal it in huge blocks off databases.”

Schneier also said he was dubious about the government’s ability to ascertain whether the information on the computer had been copied.

“Data is not the same as diamonds,” he said. “If we recover the data, it doesn’t mean the bad guys no longer have it.”

Government officials said the computer information was password-protected, and they seemed hopeful that a large-scale identity theft had been averted.

“There is reason to be optimistic,” said Veterans Affairs Secretary Jim Nicholson.

The rescue could save taxpayers a bundle: The VA has spent $14 million so far to maintain a call center to answer veterans’ concerns and this week requested $160 million to pay for credit monitoring for any veterans affected by the theft.

The VA announced last month that it was in the process of dismissing the employee who took the laptop to his home in Aspen Hill, Md., and that he was appealing the dismissal.

Documents later obtained by the Associated Press showed that the analyst had approval from higher-ups to use special software at home to manipulate huge amounts of data.

Nicholson announced the recovery at the start of a House hearing into the incident. The chairman of the House Committee on Veterans’ Affairs, Stephen E. Buyer (R-Ind.), agreed that the recovery provided cause for optimism.

But he added that the “history of lenient policies and lack of accountability within VA management must be rectified.”

Noting the recent resignations of two high-ranking technology experts from the VA, Buyer asked the Veterans Affairs secretary if “maybe the wrong people are leaving.”