Monday Morning News Kick Off: New VA Data Breach, Cost of Internet Fraud Rising and Fed Cyber Plan Facing Barriers

Welcome to the Monday Morning News Kick Off post from the ITAC blog. Last week was a major news week in the world of identity theft. We covered in depth (and some would say we helped break this news) the LifeLock $12 million settlement for false advertising. Well, this week, the news cycle continues. We have complied a number of stories regarding identity theft, data breaches and cyber security for you to get your week started on the right foot.

Cost of Internet Fraud on Steep Rise
The federal government is facing a number of challenges in its efforts to meet objectives set forth in the recently partially declassified Comprehensive National Cybersecurity Initiative (CNCI), according to a report released on Friday from the Government Accountability Office (GAO). The GAO was asked by Congress to determine what actions have been taken to plan CNCI activities and what challenges the government faces in achieving the initiative’s objectives. The CNCI, a program that began in 2008 under the Bush administration to help secure the United States in cyberspace, consists of 12 projects aimed at reducing vulnerabilities, protecting against intrusions, and anticipating future threats against federal executive branch information systems. Read the full LA Times/Washington Post article here.

VA Investigating New Data Breach
The Veterans Affairs Department is investigating reports that a former VA physician’s assistant stored unauthorized personal patient data on a personal laptop. The data breach occurred at the Atlanta Veterans Affairs Medical Center, VA spokeswoman Katie Roberts said. In a written statement, Roberts said protecting patient privacy is one of VA’s top priorities. “VA’s Office of Information and Technology is trying to gather more details about the circumstances, including the number of veterans whose information was involved and the nature of the information affected. The results of the investigation and analysis will help determine whether to send notifications and offers of credit protection services to the affected veterans,” Roberts wrote. Read the full Federal Times article here.

Aetna Boots Data Breach Class Action Suit
Health insurer Aetna has succeeded in having a class-action lawsuit over an alleged security breach dismissed. The case, bought by Cornelius Allison, stemmed from an alleged security breach of the Aetna online job application database. The breach, which was announced by Aetna last May, caused it to send notification letters to 65 000 current and former employees telling them that personal information may have been exposed. Allison, who worked for the company as an office assistant from 1998 until May 2005, applied for a customer service position at Aetna using its website. He uploaded his personal information and his resume. Read the full Infosecurity article here.

Report: Federal Cybersecurity Plan Facing Barriers
The federal government is facing a number of challenges in its efforts to meet objectives set forth in the recently partially declassified Comprehensive National Cybersecurity Initiative (CNCI), according to a report released on Friday from the Government Accountability Office (GAO). The GAO was asked by Congress to determine what actions have been taken to plan CNCI activities and what challenges the government faces in achieving the initiative’s objectives. The CNCI, a program that began in 2008 under the Bush administration to help secure the United States in cyberspace, consists of 12 projects aimed at reducing vulnerabilities, protecting against intrusions, and anticipating future threats against federal executive branch information systems. Here’s the full SC Magazine here.

Happy Monday!