Veterans Groups Sues Over Data Theft
By THE ASSOCIATED PRESS
Published: June 6, 2006
Filed at 10:52 a.m. ET
WASHINGTON (AP) -- A coalition of veterans' groups charged in a lawsuit
Tuesday that their privacy rights were violated after thieves stole personal
data on 26.5 million military personnel from a Veterans Affairs employee.
The class-action lawsuit against the federal government, filed in U.S.
District Court in Washington, is the second suit since the VA disclosed the
May 3 burglary two weeks ago.
It demands that the VA fully disclose which military personnel are affected
by the data theft and seeks $1,000 in damages to each person -- up to $26.5
billion total. The veterans are also asking for a court order barring VA
employees from using sensitive data until independent experts determine
''VA arrogantly compounded its disregard for veterans' privacy rights by
recklessly failing to make even the most rudimentary effort to safeguard
this trove of the personally identifiable information from unauthorized
disclosure,'' the complaint states.
The VA said Tuesday it is in discussions with credit-monitoring services to
determine ''how veterans and others potentially affected can best be
served'' in the aftermath of the theft, according to spokesman Matt Burns.
He said the VA has received no reports of stolen data being used for
Burns said the VA had no specific comment on the lawsuit because it does not
comment on pending litigation.
Veterans groups have criticized the VA for a three-week delay in publicizing
the May 3 burglary at a VA data analyst's Aspen Hill, Md., home. The VA
initially disclosed the burglary May 22, saying it involved the names,
birthdates and Social Security numbers -- and in some cases, disability
codes -- of veterans discharged since 1975.
Since then, it also has acknowledged after an internal investigation that
the data could also include phone numbers and addresses of those veterans,
as well as the personal information for up to 50,000 active Navy and
National Guard personnel.
In their lawsuit, the veterans groups say VA Secretary Jim Nicholson and
other VA officials were at fault for the theft, which occurred even though
the agency's inspector general warned every year since 2001 that access
controls were weak.
The suit also said the VA acted irresponsibly by failing to publicize the
burglary after the data analyst promptly told his supervisors on May 3.
During congressional hearings last month, VA Inspector General George Opfer
said his office didn't learn of the crime until May 10 -- and only through
The veterans cite in part violations of a 1974 federal privacy law, which
generally requires agencies to have protections to prevent the unauthorized
disclosure of personal information. The VA has said the data analyst
violated its established procedures by taking the data home without
Nicholson has said he was angry that employees did not notify him of the
burglary until May 16. Since then, the VA has fired the data analyst, and
his boss, VA deputy assistant secretary Michael McLendon, has stepped down.
There have been no reports that the stolen data have been used for identity
theft in what has become one of the nation's largest security breaches.
The five veterans groups involved in the lawsuit are Citizen Soldier in New
York; National Gulf War Resource Center in Kansas City; Radiated Veterans of
America in Carson City, Nev.; Veterans for Peace in St. Louis; and Vietnam
Veterans of America in Silver Spring, Md.
Separately, a Democratic activist also has sued the VA in federal court in