While many cases of widely publicized security breaches involve sophisticated hacking measures or perhaps even the creation of a super worm capable of infiltrating some of the world’s most secure data systems, there are some instances where a simple misstep can lead to a massive loss of sensitive data. In 2006, the Department of Veterans Affairs experienced such a blunder when the records and personal information of up to 26.5 million veterans and active duty personnel was compromised after one minor theft. Here’s a closer look at what happened along with the fallout that the VA had to face following the incident.
A lost laptop
The entire data breach could have been avoided were it not for a single stolen laptop on which a VA data analyst had loaded the information of millions of veterans and military personnel. After the laptop was stolen, the VA responded quickly to the theft, though there was an initial 3-week delay in notifying possible victims of the incident.
Uncertain data security
The stolen laptop at the heart of this incident was recovered with all data intact, but there is no way to guarantee that the information was not copied. Because the data included birthdays, social security numbers, and names, there was a widespread worry of credit fraud and identity theft on part of the millions of individuals affected.
A class action lawsuit
As proof that added security measures can pay off in the long run, the VA was ordered to pay $20 million in a class action lawsuit, which could have totaled more than $26 billion in damages if the original terms of the suit had been met. Payments were issued to any individual who could prove some harm resulting from the incident, and the money funding the lawsuit was taken directly from taxpayers.
This article is part of our collection of WORLD FAMOUS SECURITY BREACHES!