VA Asking for More Money After Data Theft

WASHINGTON -- Veterans Affairs Secretary Jim Nicholson promised Congress on Tuesday he could turn his agency into a "model for information security" but said lawmakers will have to be patient.

Nicholson also said the Bush administration was asking for at least $160.5 million in emergency funds for credit monitoring and other measures to protect veterans and military troops whose sensitive personal information was stolen from a VA employee's laptop computer.

Rep. Steve Buyer, R-Ind., left, and James Walsh, R-N.Y. talk on Capitol Hill, Tuesday, June 27, 2006 during a House hearing to discuss the Veterans Administration's data theft. Rep. Walsh chastised the VA for waiting three weeks to notify veterans about the theft, saying "This represents a significant lapse of time that could have been vital to protect identity theft,".(AP Photo/Lawrence Jackson) (Lawrence Jackson - AP) Technology and Media Blog From TiVo to YouTube, iPods to ID theft, The Post's tech staff reports from the crossroads of technology and culture. • TerreStar: Today's Satellite Launch A Success • Genachowski Begins at FCC; Announces Senior Staff • ZeniMax Media Acquires Id Software • Tech Blog: More Posts Sign Up for RSS Feed QUIZ What percent of U.S. tweens own a mobile phone? A. 15 percent B. 25 percent C. 35 percent D. 55 percent • Test Your Knowledge -- More Questions Save & Share Tag This Article  Saving options 1. Save to description:  Headline (required)  Byline 2. Save to notes (255 character max):  Blurb 3. Tag This Article

Besides covering monitoring for about half of the 17.5 million people whose Social Security numbers were compromised, the money would pay for out-of-pocket expenses ranging from $10,000 to $20,000 for those whose identities are stolen, Nicholson told a House panel.

Under questioning, Nicholson acknowledged that much more money may be needed to revamp information security at the VA and other agencies. He also left the door open to providing veterans more than one year of free credit monitoring following the May 3 burglary at a VA data analyst's home.

"Unfortunately, a very bad thing happened," Nicholson told a House Appropriations subcommittee that oversees VA spending.

"I think we can turn VA into the model for information security," he added. "I will not try to mislead you and delude. This will not be easy and it will not be overnight."

Of the $160.5 million requested for monitoring, Nicholson said, about $29 million will be taken from VA funds budgeted in 2006 to cover personnel costs at the Veterans Benefit Administration. That money would not have been used this year due to hiring plans that already had been pushed back to 2007, he added. The other $131.5 million would be reallocated from other areas of the White House budget.

"It will take some belt tightening. It will not come out of veterans' benefits," Nicholson said.

No reports of identity theft have been reported in connection with the May 3 theft of a computer from the data analyst's home in suburban Maryland. The laptop contained names, birth dates and Social Security numbers for up to 26.5 million people.

Last week, the Senate Appropriations Committee approved $160 million in emergency funds to pay for credit monitoring. It is one of many expected payments as the government struggles with fallout from data thefts and other breaches now crossing at least six agencies.

Earlier in the hearing, the House panel was urged to spend whatever necessary to avoid undue hardships for data theft victims.

David McIntyre, president and CEO of TriWest Healthcare Alliance, which administers the Pentagon's health care program in 21 Western states, proposed creating a central government "nerve center" to assist agencies after any such security breach.