This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Lost hard drive could affect 70 million US military veterans

Share this article:

The National Archives and Records Administration (NARA) are investigating a potential data breach involving a lost hard drive that could affect 70 million records of US military veterans.

A report by Wired claimed that a defective hard drive that powered eVetRecs, the system veterans use to request copies of their health records and discharge papers, was sent by an agency back to its vendor for repair and recycling without first destroying the data.

When the drive failed in November of last year, the agency returned the drive to GMRI, the contractor that sold it to them for repair. GMRI determined it could not be fixed, and ultimately passed it to another firm to be recycled.

However, the NARA said that the lost drive is not a problem because its contractors signed privacy promises in their contracts, though the agency has since changed its policy to require that sensitive media be destroyed by NARA itself.

Writing on the IDtheftsecurity.com blog, consultant Robert Siciliano claimed that the hard drive should have never left the facility and should have been destroyed.

Siciliano said: “A $2,000 hard drive with millions of social security numbers is worth millions, maybe billions of dollars if it gets into the hands of a criminal. The ‘loss' of data like this can cost a government agency or corporation millions to respond to the breach. The Pentagon requires that old or defective drives be de-magnified or destroyed.

“With this data, a thief can open a new account such as a credit card and have the card sent to a different address. This is true identity theft. New account fraud destroys the victim's credit and is a mess to clean up.

“Government intervention to protect you from new account fraud is probably not going to happen any time soon, if ever. The responsibility is the citizens to protect themselves.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Police investigating after hacker steals 500,000 records from cosmetic surgery practice

Police investigating after hacker steals 500,000 records from ...

An unidentified hacker was able to access and exfiltrate almost half a million records on potential cosmetic surgery patients, it has been revealed.

Insider data thieves get away "scot free"

Insider data thieves get away "scot free"

Controls on access to data by both staff and ex-staff are lax, and even when caught, insiders stealing data get away 'scot-free' says new survey.

Government slated as Mumsnet becomes first UK Heartbleed victim

Government slated as Mumsnet becomes first UK Heartbleed ...

The Government's reaction to the 'Heartbleed' flaw has been criticised after the Mumsnet parenting site became the UK's first known victim of Heartbleed hackers.