VA Laptop Update
The New York Times reports that the FBI believes that the database containing the personal information of veterans and active members of the armed forces has not been accessed or copied since the device was stolen.
The Federal Bureau of Investigation said in a statement from its Baltimore field office that it appeared that the data had not been copied or misused.
"A preliminary review of the equipment by computer forensic teams has determined that the database remains intact and has not been accessed since it was stolen," the statement said.
Michelle Crnkovich, a spokeswoman for the F.B.I. in Baltimore, said the computer was turned over to agents there on Wednesday. The person who delivered the laptop has not been charged, Ms. Crnkovich said. A $50,000 reward had been offered for information related to the computer.
Ms. Crnkovich said the United States Park Service had helped in the recovery of the equipment, which will be further tested by F.B.I. officials in Washington.
Veterans Affairs Secretary Jim Nicholson said on Capitol Hill on Thursday that there were no reports that the stolen data had been used for identity theft. But he acknowledged that the situation had "brought to the light of day some real deficiencies in the manner we handled personal data."
The laptop computer and a detachable hard drive were stolen in a burglary on May 3 from the home of an agency employee in Aspen Hill, Md. Some officials at the Department of Veterans Affairs learned of the theft almost immediately, but Mr. Nicholson said he was not notified until May 16.
Because of the delay, the F.B.I. did not find out about the theft until about two weeks after the burglary, which was under investigation by the police in Montgomery County, Md.
It's highly likely that a computer forensics expert could determine these facts with a very high degree of confidence. A lot of people don't realize how much data and information is available on their computers.
Crime, Geek Stuff | Gaius Friday, 30 June , 2006
By htom, Friday, 30 June , 2006 @ 11:23 am
Such an expert needs to face a quizzing by someone who can usually do such a thing. Most such hardware is not put together with tamper-proof detecting screws, tamper-detecting seals, … an orgainzation with its act together enough to require such probably would have FIRST encrypted the database.