Secretary Nicholson announces VA to provide free credit monitoring

WASHINGTON (June 21, 2006) - As part of the continuing efforts by the
Department of Veterans Affairs (VA) to protect and assist those
potentially affected by the recent data theft that occurred at an
employee's Maryland home, Secretary of Veterans Affairs R. James
Nicholson today announced that VA will provide one year of free credit
monitoring to people whose sensitive personal information may have been stolen in the incident.

"VA continues to take aggressive steps to protect and assist people who may be potentially affected by this data theft," said Nicholson.  "VA has conducted extensive market research on available credit monitoring solutions, and has been working diligently to determine how VA can best serve those whose information was stolen. 

"Free credit monitoring will help safeguard those who may be affected, and will provide them with the peace of mind they deserve," he added. 

The Secretary said VA has no reason to believe the perpetrators who
committed this burglary were targeting the data, and Federal
investigators believe that it is unlikely that identity theft has
resulted from the data theft.

This week, VA will solicit bids from qualified companies to provide a
comprehensive credit monitoring solution.  VA will ask these companies to provide expedited proposals and to be prepared to implement them rapidly once they are under contract.

After VA hires a credit monitoring company, the Department will send a detailed letter to people whose sensitive personal information may have been included in the stolen data.  This letter will explain credit
monitoring and how eligible people can enroll or "opt-in" for the
services.  The Department expects to have the services in place and the letters mailed by mid-August.

Secretary Nicholson also announced VA is soliciting bids to hire a
company that provides data-breach analysis, which will look for possible misuse of the stolen VA data.  The analysis would help measure the risk of the data loss, identify suspicious misuse of identity information and expedite full assistance to affected people.

As part of VA's efforts to prevent such an incident from happening
again, Secretary Nicholson previously announced a series of personnel changes in the Office of Policy and Planning, where the breach occurred; the hiring of former Maricopa County (Ariz.) prosecutor Richard Romley as a Special Advisor for Information Security; the expedited completion of Cyber Security Awareness Training and Privacy Awareness Training for all VA employees; that an inventory be taken of all positions requiring access to sensitive VA data by June 30, 2006, to ensure that only thoseemployees who need such access to do their jobs have it; that every laptop in VA undergo a security review to ensure that all security and virus software is current, including the immediate removal of any unauthorized information or software; and that VA facilities across the country - every hospital, Community-Based Outpatient Clinic (CBOC), regional office, national cemetery, field office and VA's Central Office - observe Security Awareness Week beginning June 26.

People who believe they may be affected by the data theft can go to
www.firstgov.gov for more information.  VA also continues to operate a call center that people can contact to get information about this
incident and learn more about consumer-identity protections.  That toll
free number is 1-800-FED INFO (1-800-333-4636).  The call center is
operating from 8:00 am to 9:00 pm (EDT), Monday-Saturday as long as it is needed.