Conference Attendees' Personal Data May Be at Risk

By Stephen Barr
Wednesday, May 10, 2006

The Pentagon has sent warning letters to thousands of people who may have had their personal data stolen, advising them that they may be at risk of identify theft and other fraudulent activities.

Most of those affected used an online registration for an August 2001 Defense Department conference on health-care fraud. Names, Social Security numbers, credit card numbers, employer identification and other personal information were entered into a computer database by conference attendees, Defense Department spokeswoman Cynthia Smith said.

The conference data were stored on a computer server, which hackers broke into early last month. The server contained information on more than 14,000 people who enrolled for the fraud conference, held in San Diego, and for other meetings.

The Pentagon announced the intrusion on April 28, saying that routine monitoring had discovered "unusual activity" on a computer server at the Tricare Management Activity. The agency administers health-care benefits for about 9.2 million active duty and retired military personnel and their families.

The medical records of Tricare enrollees were not compromised, Smith said.

In its announcement, the Pentagon said the information "contained in the accessed files varied, and investigators do not know the intent of the crime or if any of the information will be misused."

Conference attendees included military personnel and representatives from companies that help administer and support the Tricare program, Smith said.

In the announcement, William Winkenwerder Jr. , the assistant secretary of defense for health affairs, said the Pentagon has "implemented enhanced security controls throughout the network and installed additional monitoring tools to improve security of existing networks and data files."

Authorities, including the Defense Criminal Investigative Service, are investigating the computer intrusion, Smith said.

In Holiday Mode

It's never too early to think about mistletoe and holly, apparently.

Late last month, the Office of Personnel Management issued this vendor request: "Christmas Balls for OPM's Christmas Tree."

OPM "is looking for a contractor or broker capable of producing approximately 5,000 to 10,000 Christmas Balls," the procurement notice said.

CONTINUED     1        >

© 2006 The Washington Post Company