June 3, 2006
“I have made it clear since learning of this incident that, as soon as VA learns any new information, the Department has a duty to immediately inform those potentially affected,” said Secretary Nicholson. “VA continues to conduct a complete and thorough investigation into this incident, and those efforts are providing additional details about the nature of the data that may be involved.”
VA has received no reports that the stolen data has been used for fraudulent purposes, but is providing an update out of an abundance of caution.
VA has learned through its ongoing analysis of the data stolen on up to 26.5 million individuals, and in discussions with the Department of Defense, that private information – the names, Social Security Numbers and dates of birth – on certain National Guard and Reserve personnel who are on at least their second federalized active duty call-up could potentially be included. The number of those potentially affected is believed to be between 10,000 and 20,000.
Additionally, private information – the names, Social Security Numbers and dates of birth – on some active duty U.S. Navy personnel may be involved. This could potentially include members of the U.S. Navy who remain on active duty and completed their first enlistment term prior to 1991. Working with the Department of Defense, VA has determined this group likely consists of between 25,000 and 30,000 individuals.
This happened because these individuals were issued a “DD-214” – or a separation from active service notification – by the Department of Defense upon completion of their first enlistments. This triggered an automatic notification to VA that these individuals were no longer on active duty. Subsequent to VA receiving the initial DD-214 these individuals re-enlisted for another term of active duty, meaning their information could still be in VA’s data files.
“VA will continue to work with the Department of Defense, other government agencies, members of Congress, and other stakeholders to inform and help protect those potentially impacted,” said Secretary Nicholson.
VA is working with the Department of Defense to match data and verify, to the greatest extent possible, those potentially affected. Individualized notification letters are being sent to those whose personal information may have been included among the stolen data.
VA currently has no evidence that suggests full-time active duty personnel from the other military branches of service are affected.
VA began investigating the possibility personal information of some active duty, National Guard and reservist personnel may be involved after examining, with the Department of Defense, the process by which VA is notified by the military branches of an individual’s change in duty status – or being issued a DD-214.
Those who believe they may be affected can continue to go to www.firstgov.gov for more information on this matter. VA also continues to operate a call center that individuals can contact to get information about this incident and learn more about consumer-identity protections. That toll free number is 1-800-FED INFO. The call center is operating from 8:00 am to 9:00 pm (EDT), Monday-Saturday as long as it is needed. (Note: In response to reduced demand subsequent to the recovery of the stolen computer equipment, call center hours were changed on July 10, to Monday through Friday, 8:00 a.m. to 9:00 p.m. Eastern time.)
# # #
People wishing to receive e-mail from VA with the latest news releases and updated fact sheets can subscribe to the
VA Office of Public Affairs Distribution List.