By Stephen Barr
Wednesday, May 10, 2006

The Pentagon has sent warning letters to thousands of people who may have had their personal data stolen, advising them that they may be at risk of identify theft and other fraudulent activities.

Most of those affected used an online registration for an August 2001 Defense Department conference on health-care fraud. Names, Social Security numbers, credit card numbers, employer identification and other personal information were entered into a computer database by conference attendees, Defense Department spokeswoman Cynthia Smith said.

The conference data were stored on a computer server, which hackers broke into early last month. The server contained information on more than 14,000 people who enrolled for the fraud conference, held in San Diego, and for other meetings.

The Pentagon announced the intrusion on April 28, saying that routine monitoring had discovered "unusual activity" on a computer server at the Tricare Management Activity. The agency administers health-care benefits for about 9.2 million active duty and retired military personnel and their families.

The medical records of Tricare enrollees were not compromised, Smith said.

In its announcement, the Pentagon said the information "contained in the accessed files varied, and investigators do not know the intent of the crime or if any of the information will be misused."

Conference attendees included military personnel and representatives from companies that help administer and support the Tricare program, Smith said.

In the announcement, William Winkenwerder Jr. , the assistant secretary of defense for health affairs, said the Pentagon has "implemented enhanced security controls throughout the network and installed additional monitoring tools to improve security of existing networks and data files."

Authorities, including the Defense Criminal Investigative Service, are investigating the computer intrusion, Smith said.

It's never too early to think about mistletoe and holly, apparently.

Late last month, the Office of Personnel Management issued this vendor request: "Christmas Balls for OPM's Christmas Tree."

OPM "is looking for a contractor or broker capable of producing approximately 5,000 to 10,000 Christmas Balls," the procurement notice said.

"The Christmas Balls shall be three (3) to four (4) inches in diameter, include hooks and display the image of the United States flag and incorporate the OPM seal. All images shall be in full color. The image on the Ball must cover the entire surface of the ball from the top axis to the bottom axis."

The notice was spotted by Paul W. Newton , a former federal executive and president of DynaPro LLC, a consulting firm. Said Newton, "Please tell me this is someone's idea of a joke."

Asked about the holiday request, OPM spokeswoman Susan Bryant said the notice had not been approved by the agency director, Linda M. Springer , and had been taken down. Officials were kicking around some ideas, Bryant said, and the notice was "just a little enthusiastic energy channeled the wrong way."

In-Sop Han , chief of Voice of America's Korean Service, retired April 1 after 41 years of federal service. He oversaw the expansion of VOA's Korean-language broadcasts and established a network of stringers among North Korean defectors.

Joan B. Keston , director of communications for the Pentagon Force Protection Agency, retired May 3 after 37 years of federal service. Keston is a founder of Public Service Recognition Week, an annual celebration that began in 1985.

Margaret A. Tindal , senior training adviser and human resources development team leader, retired May 3 from the Army Corps of Engineers after 31 years of federal service.

Ronald James Vadala , systems accounting officer of the Broadcasting Board of Governors, has retired after almost 33 years of federal service. He also worked at the Defense Department and at the Inter-American Foundation.

Please join me for a discussion of federal employee and retiree issues at noon today on Federal Diary Live athttp://washingtonpost.com. My e-mail address isbarrs@washpost.com.