This incident has 0 proposed changes.
Know of details that have changed? Submit them
Showing Incident 2382 
SUMMARY
| Veterans records on improperly disposed hard drive puts millions at risk | |
| Records | Unknown |
|---|---|
| Record Types | SSN NAA MISC DOB |
| Breach Type | Disposal Drive |
| Data Family | Electronic |
| Source | Inside - Accidental |
| Organization | National Archives and Records Administration |
| Other Affected/Involved Organizations | None |
| Lawsuit? | NO/UNKNOWN |
| Data Recovered? | NO/UNKNOWN |
| Arrest? | NO/UNKNOWN |
| Submitted By: | firewallexperts |
TIMELINE
| Date | Event |
|---|---|
| 2009-10-05 | Incident Occurred |
| None. Add Data | Incident Discovered By Organization |
| 2009-10-05 | Organization Reports Incident |
| None. Add Data | Organization Mails Notifications |
| None. Add Data | Records Recovered |
| None. Add Data | Lawsuit Filed |
| None. Add Data | Arrest Made |
SIMILAR INCIDENTS
| records | date | organizations |
|---|---|---|
| 0 | 2009-07-13 | Lockheed Martin Corp |
MAP OF INCIDENT LOCATION
Address: Washington D.C., DC, USA
Have a better address for this incident? Suggest it!
REFERENCES
suggest a new attachment
ATTACHMENTS
COMMENTS
by jkouns [Senior Researcher] on 2011-07-05 (7 months ago)
from GaryM Stern GaryM.Stern@nara.gov
to curators@datalossdb.org
date Mon, Jun 27, 2011 at 4:37 PM
subject Incorrect Reporting of Data Breach
We have just learned that your website lists the National Archives and Records Administration (NARA) as being responsible for one of the “largest incidents” of data loss, concerning approximately 76 million persons in 2009, listed at: http://datalossdb.org/
We respectively request that you remove this item from your list, because no actual breach of data occurred. Rather, as we reported on our website in 2010, the defective disk, which came from a disk array that contained the data, was properly disposed of by authorized contractors.
http://www.archives.gov/press/press-releases/2010/nr10-05.html
Your website relies on an article published in wired.com, which was describing an internal NARA investigation of a “potential data breach” (emphasis added). Upon completing our review of this incident, we confirmed that the defective disk had been destroyed by the authorized servicing contractor, and there was no evidence of any access, misuse, or disclosure.
We would greatly appreciate your removing this item from your list, in order not to give a false impression that this data had actually been breached by the National Archives.
I would be happy to discuss our concerns directly with you in more detail. Please feel free to contact me at the numbers below.
Sincerely,
Gary M. Stern
General Counsel and Senior Agency Official for Privacy
National Archives and Records Administration
8601 Adelphi Road, Suite 3110
College Park, MD 20740-6001
301-837-1750 (main)
301-837-3026 (direct)
garym.stern@nara.gov
Breach Types:
- Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
- Disposal Mobile | Email | Fax | Fraud Se
- Hack | Lost Computer | Lost Document | Lost Drive
- Lost Laptop | Lost Media | Lost Mobile | Lost Tape
- Missing Document | Missing Laptop | Missing Media | Snail Mail
- Stolen Computer | Stolen Document | Stolen Drive | Stolen Laptop
- Stolen Media | Stolen Mobile | Stolen Tape | Unknown
- Virus | Web |
