Network Security Breach

1126 Words5 Pages
Network Security:Security Breach Paper NTC/411 U.S. Department Of Veterans Affairs In 2011, the Department of Veterans Affairs was having trouble with one of the hard drives in a database RAID array. So, naturally, the agency sent the drive out for repair. Unfortunately, it neglected to erase the unencrypted data on the disc. When the contractor was unable to repair the disc, they simply recycled it -- again without erasing. Also that same month 8 hard drives were determined stolen from a safe within the last 15 months, also two laptops were stolen-- leaving the personal information for some 26 to100 million veterans accessible to whoever next got the hard drives. This paper aims at looking at the Department…show more content…
However, the Department of Veterans Affairs believes that the hackers were serious because they obtained basic information such as names, SSN and birthdays and later used for malicious criminal activity. The Department of Veterans Affairs believes that the main cause behind the security data breach was IT individuals that failed to follow the proper procedures for network equipment that stored veteran’s data. The individual can use the advantage of using veteran’s vital information to purchase items, obtaining credit cards, and obtaining medical care with the use of illegal obtained documents. There could have been a major economic consequence or implication of the data or information security breach. The Department of Veterans Affairs estimates there could have been a billion dollar loss owing to the hacking or unauthorized access to the information. It is important to note that thousands ofveteransreceived bills from large companies such as Bank of America, USAA and the Federal Credit Union bank. The veterans whom had accounts at these banks will not be comfortable banking with a bank where their information is not…show more content…
The Department of Veterans Affairsfailed to handle the situation by not bringing in some of the world’s best information system personnel or qualified security personnel. The Department of Veterans Affairssecurity plan did not comply with the agency's own rules for securing data, and it improperly allowed the IT Specialist and contractor access to databases beyond the requirements of his job and the scope of his background check. It also concluded that the VA had failed to adequately supervise the IT Specialist and the contractor, whose actions had violated the Privacy Act as well as the Health Insurance Portability and Accountability Act of

More about Network Security Breach

Open Document