1-866-411-TIPS
by Danny McPhersonI finally got around to digging through the most recent load of mail sitting on the corner of the desk in my home office. While typically comprised of impressive pounds of magazines I’m constantly barraged with (all because selling magazine subscriptions every couple weeks seems to be the school/athletics fund rasier of choice for the moment and my disinterested daughters usually rely on me to make up the difference between the couple subscriptions they’ve sold and some altruistic goal each participant is unwillingly saddled with), there were a few other normal looking pieces of mail, and a letter from the Secretary of Veterans Affairs, Washington, which peaked my interest.
Not at all surprisingly, the purpose of the letter was to notify veterans that the Department of Veterans Affairs (VA) had recently learned that an employee “took home electronic data from the VA, which he was not authorized to do and was in violation of established policies. The employee’s home was burglarized and this data was stolen. [yatta.. etc.. yatta..].” Anyone not aware of this already must be living in a cave, but I understood the need for a letter telling me this, nonetheless.
What I found a bit disconcerting was that I, and 26.5 million others, were receiving a letter from the VA that went on to say:
Beware of any phone calls, e-mails, and other communications from individuals claiming to be from VA or other official sources, asking for your personal information or verification of it. This is often referred to as information solicitation or “phishing.” VA, other government agencies, and other legitimate organizations will not contact you to ask for or to confirm your personal information. If you receive such communications, they should be reported to VA at 1-800-FED-INFO (1-800-333-4636).
The amusing part is that while I’ve admittedly never put much thought into it, I never figured I’d receive a letter from the VA with the word phishing in it, and for you old timers, it’s apparently called information solicitation. Even more amusing was that they sent me a letter telling me that all the data had been stolen, that MY data had been stolen, but that I should be wary of folks phishing to verify the data? Hello! They’ve already got my data, and 26,499,999 others - if they know they have it, do you seriously think they’re going to call me to verify it? But if they do, thanks for making me more prepared in how to deal with it.
In the letter they provide a web site you can visit for additional information, which is just what I needed. After visiting the site, I found a PDF file titled “$50,000 Reward Offered for Return of Veterans’ Data” and containing something that’s a press release, I think, as it’s from the Media Services Division and FOR IMMEDIATE RELEASE. To my astonishment, OK, not really, but stay with me here, the memo detailed how the VA OIG (Office of Inspector General) and FBI are providing a $50,000 reward “for information that leads to the recovery of a laptop computer and external hard drive …” and it goes on to say “The primary objective of the investigation is the recovery of the laptop and external hard drive“.
Well, I guess protecting those 26.5 million veterans from identity theft and other evil deeds is now a separate issue, one which I’m certain some folks with more time on their hands will devote a couple years of their life to, and finding the laptop and hard drive is indeed the first step law enforcement can make towards identifying whether the data was actually accessed (and perhaps copied) or not - unless, of course, measures were put in place to, say, monitor, detect and correlate activities that might indicate anomalous use of some set of those 26.5 million records. But folks would likely scream about privacy invasion or something then..
It’s just, something seems a bit confusing to me when you talk about “Return of Electronic Data” as such.
Anyways, if you’ve got any tips, call the Crime Solvers of Montgomery County tip line at 1-866-411-TIPS (8477). Thanks! :-)
