This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Lost hard drive could affect 70 million US military veterans

Share this article:

The National Archives and Records Administration (NARA) are investigating a potential data breach involving a lost hard drive that could affect 70 million records of US military veterans.

A report by Wired claimed that a defective hard drive that powered eVetRecs, the system veterans use to request copies of their health records and discharge papers, was sent by an agency back to its vendor for repair and recycling without first destroying the data.

When the drive failed in November of last year, the agency returned the drive to GMRI, the contractor that sold it to them for repair. GMRI determined it could not be fixed, and ultimately passed it to another firm to be recycled.

However, the NARA said that the lost drive is not a problem because its contractors signed privacy promises in their contracts, though the agency has since changed its policy to require that sensitive media be destroyed by NARA itself.

Writing on the IDtheftsecurity.com blog, consultant Robert Siciliano claimed that the hard drive should have never left the facility and should have been destroyed.

Siciliano said: “A $2,000 hard drive with millions of social security numbers is worth millions, maybe billions of dollars if it gets into the hands of a criminal. The ‘loss' of data like this can cost a government agency or corporation millions to respond to the breach. The Pentagon requires that old or defective drives be de-magnified or destroyed.

“With this data, a thief can open a new account such as a credit card and have the card sent to a different address. This is true identity theft. New account fraud destroys the victim's credit and is a mess to clean up.

“Government intervention to protect you from new account fraud is probably not going to happen any time soon, if ever. The responsibility is the citizens to protect themselves.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...