U.S. agency loses data containing 26 million IDs

The U.S. Department of Veterans Affairs (VA) on Monday warned military veterans about the potential for identity theft after personal data on up to 26.5 million VA clients was stolen from an analyst's home.

The unidentified VA analyst violated agency policy by taking home data containing the names, Social Security numbers and dates of birth of the veterans and their spouses, the VA said in a statement. The agency has placed the analyst on administrative leave while it conducts an investigation into the data theft.

The break-in occurred this month, the VA said. The stolen data did not include any VA electronic health records or financial information. As of Monday, there is no evidence of the stolen data being used in ID theft schemes, and authorities believe it's unlikely the thieves were targeting the data during the break-in, the VA said.

The VA did not immediately identify how the data was stored in the analyst's home.

The VA has briefed the U.S. Department of Justice and the U.S. Federal Trade Commission about the data theft, and President George Bush's Identity Theft Task Force has already begun alerting credit bureaus about the potential problems, the VA said.

As of Monday, the VA was not advising veterans to contact credit bureaus or their financial institutions unless they suspected suspicious activity.

The VA has ordered all employees to complete a cybersecurity awareness course by June 30, and all employees with access to sensitive data will be required to undergo a new background check, the agency said.

Veterans concerned about ID theft can go to http://www.firstgov.gov or http://www.va.gov/opa for more information. The VA has also set up a call center for information on the data theft and consumer identity protections. That toll-free number is +1-800-FED INFO (333-4636). The call center, opening Monday, will operate from 8 am to 9 p.m. EDT Mondays through Saturdays for "as long as it is needed," the VA said.