DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Is the Veterans Administration doing enough in mitigating breaches? One veteran says “No.” Here’s why.

Posted on August 3, 2015 by Dissent

Benjamin Krause, an investigative reporter, Veterans law attorney, and a disabled veteran of the US Air Force, has a site called DisabledVeterans.org. One of his posts showed up in one of my searches, and I thought it was worth noting here.

In the context of discussing a recent VA breach and government accountability, Benjamin writes:

I personally had VA VocRehab mistakenly mail an entire copy of my file to my old address from two years earlier – a large apartment complex in a major American city. There is no telling where the files ended up.

Veterans Affairs indignantly declined to proactively retrieve the documents and told me to call the cops if I was worried about it. I repeat, the agency made me do the leg work to try to recover my files that were mistakenly delivered to the wrong address.

I did call the cops. They were confused why VA would not take charge of the recovery of my files and said their was little they could do unless a crime was committed.

VA offered me one year of identity protection. That was it. Meanwhile, over 1,000 pages of files containing everything about me were misplaced and now floating around somewhere in the United States.

Did anyone get reprimanded for the cockup? No. Did I get the records back? No.

What a crock. How is it that we live in a country where the Federal government is not held accountable?

It’s an excellent question. All a-flutter over the OPM breach, Congress is trying to enact legislation that will provide longer credit monitoring and greater liability protection to those affected by that breach, but as Benjamin notes, after-the-fact credit monitoring is often not sufficient nor satisfactory.

Should the VA have gone to the apartment complex or attempted to track down Benjamin’s errant files if they erred by not updating his mailing address? According to the VA’s monthly reports to Congress, mailing errors happen (there were 161 paper mis-mailing incidents in June, 2015). Indeed, paper incidents account for the bulk of VA breaches that result in the exposure of personally identifiable or protected health information.

But if the VA sends out literally millions of mailings each month (over 7 million in June, 2015), is 161 an acceptable error rate? If not, should the VA reduce paper mailings where electronic transmission is a viable alternative? Or should it use a more costly mailing system – of requiring a signature for delivery – when a veterans’ files with sensitive information are being mailed?

Mistakes will happen either way, and Benjamin raises a valid question: what should the VA do to mitigate or remediate? Could they have at least initiated a trace request with the post office? Why should Benjamin – or any other veteran – have the burden and worry of trying to track down their personal and sensitive information when the VA makes a mistake? Don’t our veterans have enough problems without being told that the VA won’t even try to track down their mis-mailed records?

 

Category: Commentaries and AnalysesGovernment SectorHealth DataU.S.

Post navigation

← OPM Data Breach Update
Anonymous Hacks Waller County Sheriff’s Department Computers For Sandra Bland – Or Did They? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.