Kevin Freking of Associated Press reports:
A bipartisan group of lawmakers asked the Veterans Affairs Department on Friday to offer credit monitoring to veterans and dependents whose personal information, including birth dates and Social Security numbers, might have been disclosed when its computer systems were hacked.
The lawmakers are responding to testimony at a hearing where witnesses said foreign-sponsored organizations had successfully compromised VA networks. One former VA official said at least eight groups, mostly connected to the Chinese military, had hacked into the system or had tried. A VA official downplayed the threat but acknowledged that he knew of one foreign-sponsored breach.
Read more on Yahoo!
I still think it would be cheaper and more effective to have all entities that store SSN and/or credit card info feed into a pool to provide routine and on-going monitoring for all consumers or individuals. Right now, although it’s common practice to offer services after a breach, it’s not mandatory. By making it a cost of doing business where the entity’s share of the costs is related to the number of individuals for whom they collect or store data, it might also make entities think twice about whether they really need to collect or store SSN and credit card numbers.
First off it’s unthinkable that the Veterans Affairs Department can’t find a way to secure this information a bit better in the first place. That said, I think the least they could do is offer some form of credit monitoring services for the veterans who were effected by the breach. Even a basic one like CreditKarma.com (which is free by the way) would be better than nothing, to at a bare minimum, send an alert if an unauthorized account is opened or if there are charges on credit lines etc. Hopefully the lawmakers will make this happen so the vets and their families don’t have to deal with the extreme nuisance that goes along with fixing credit/identity theft.