The Department of Veterans Affairs
Lest you think it is only the UK government that can’t be trusted with private data, just look at the security breach that happened in 2006 in the Department of Veterans’ Affairs. An unencrypted national database containing the personal identifying information on 26.5 million veterans was temporarily lost. The database was on a laptop and an external drive that a VA data analyst misplaced. It contained names, Social Security numbers, birth dates and other identifying information.
Although the database was eventually found, the VA paid out around $20 million in damages according to Boston.com.The fact that veterans were not told of the potential loss of their data until around three weeks after officials knew the risk only added to anger over the carelessness that put private data at risk.
The VA didn’t really learn its lesson after this costly incident, as Wired reports that a hard drive containing private records of 70 million vets was subsequently sent out to a vendor for repair in 2009 without protecting the data on it. The drive was then recycled with the data not erased or destroyed— so anyone could potentially have accessed the info. Fortunately, the sensitive information didn’t end up in the hands of criminals… this time.