While the U.S. Department of Veterans Affairs (VA) data breach has garnered the most media attention, a government report revealed today that data loss occurs in all large agencies and many officials aren't even sure what is lost when it happens.
The summary report, released today by the U.S. House Government Reform Committee, gave a rundown of all known executive branch data breaches involving sensitive personal information that have occurred since January 2003. All 19 agencies included in the summary reported at least one breach since then.
The report discovered that outside contractors were responsible for the majority of agency breaches. Only a small number of the breaches reported were caused by hackers — the majority of data was lost due to theft of devices or unauthorized data use by employees.
In many cases, those responsible at the agencies for the protection of sensitive information did not always know what information was lost or how many people were impacted by a particular loss. In fact, many agencies do not track all possible losses of personal information, so it is likely that even more unreported incidents have occurred, government officials said.
When the impact to individuals is known, agencies only sometimes report the danger to their identities to the affected citizens.
The Government Reform Committee is currently spearheading the Veterans Identity and Credit Security Act of 2006, which has passed through the House, in order to give greater protection to citizens and to require better notification in the event of a loss of personal information.
Click here to email Ericka Chickowski.