Gulf War Vets Home Page
Veterans Groups Sues Over Data Theft
By THE ASSOCIATED PRESS
Published: June 6, 2006
Filed at 10:52 a.m. ET
WASHINGTON (AP) -- A coalition of veterans' groups charged in a lawsuit Tuesday that their privacy rights were violated after thieves stole personal data on 26.5 million military personnel from a Veterans Affairs employee.
The class-action lawsuit against the federal government, filed in U.S. District Court in Washington, is the second suit since the VA disclosed the May 3 burglary two weeks ago.
It demands that the VA fully disclose which military personnel are affected by the data theft and seeks $1,000 in damages to each person -- up to $26.5 billion total. The veterans are also asking for a court order barring VA employees from using sensitive data until independent experts determine proper safeguards.
''VA arrogantly compounded its disregard for veterans' privacy rights by recklessly failing to make even the most rudimentary effort to safeguard this trove of the personally identifiable information from unauthorized disclosure,'' the complaint states.
The VA said Tuesday it is in discussions with credit-monitoring services to determine ''how veterans and others potentially affected can best be served'' in the aftermath of the theft, according to spokesman Matt Burns. He said the VA has received no reports of stolen data being used for fraudulent purposes.
Burns said the VA had no specific comment on the lawsuit because it does not comment on pending litigation.
Veterans groups have criticized the VA for a three-week delay in publicizing the May 3 burglary at a VA data analyst's Aspen Hill, Md., home. The VA initially disclosed the burglary May 22, saying it involved the names, birthdates and Social Security numbers -- and in some cases, disability codes -- of veterans discharged since 1975.
Since then, it also has acknowledged after an internal investigation that the data could also include phone numbers and addresses of those veterans, as well as the personal information for up to 50,000 active Navy and National Guard personnel.
In their lawsuit, the veterans groups say VA Secretary Jim Nicholson and other VA officials were at fault for the theft, which occurred even though the agency's inspector general warned every year since 2001 that access controls were weak.
The suit also said the VA acted irresponsibly by failing to publicize the burglary after the data analyst promptly told his supervisors on May 3. During congressional hearings last month, VA Inspector General George Opfer said his office didn't learn of the crime until May 10 -- and only through office gossip.
The veterans cite in part violations of a 1974 federal privacy law, which generally requires agencies to have protections to prevent the unauthorized disclosure of personal information. The VA has said the data analyst violated its established procedures by taking the data home without permission.
Nicholson has said he was angry that employees did not notify him of the burglary until May 16. Since then, the VA has fired the data analyst, and his boss, VA deputy assistant secretary Michael McLendon, has stepped down.
There have been no reports that the stolen data have been used for identity theft in what has become one of the nation's largest security breaches.
The five veterans groups involved in the lawsuit are Citizen Soldier in New York; National Gulf War Resource Center in Kansas City; Radiated Veterans of America in Carson City, Nev.; Veterans for Peace in St. Louis; and Vietnam Veterans of America in Silver Spring, Md.
Separately, a Democratic activist also has sued the VA in federal court in Cincinnati.