Nicholson: Stolen laptop found

The laptop computer and its hard drive stolen May 3 containing the sensitive information of more than 26 million veterans and military employees has been recovered and is undergoing forensic investigations, Veterans Affairs Secretary Jim Nicholson told the House Veterans Affairs Committee on Thursday.

The FBI has said it appears the data was not accessed or compromised. According to an FBI representative, an unidentified person turned in the laptop on Wednesday to FBI agents in Baltimore.

“I am hopeful that veterans across America can breathe a sigh of relief and that the data has not been compromised,” Chairman Steve Buyer (R-Ind.) said. “This discovery provides reason to be optimistic; however, the basic deficiencies leading to this data loss must be corrected,” he added.

Buyer cited what he called “the history of lenient policies and lack of accountability within VA management,” and said that must be rectified.

“Multiple vulnerabilities within VA information security management remain unmitigated. The committee’s charge is clear: conduct oversight of information mismanagement within the Department of Veterans Affairs and make certain the essential changes are made that will ensure this does not occur again,” he said.

Nicholson made the announcement on the second day of a full committee hearing on ways to reorganize the VA’s information technology bureaucracy to prevent future such incidents and strengthen the agency's IT programs.

On Wednesday, Buyer expressed dismay about the VA’s “refusal to get control of IT,” calling the department’s leaders “centurions of the status quo.”

Buyer told former and current VA officials that he is considering a package of new legislation for the agency, including giving the assistant secretary for IT more influence by elevating the position to the rank of undersecretary and boosting the deputy chief information officer to assistant secretary.

Sen. Larry Craig (R-Idaho), chairman of the Senate Committee on Veterans’ Affairs, said in a statement: “The news that the stolen data has been recovered is wonderful for veterans and active duty personnel. We are all holding our breath now for the FBI forensic analysis which we hope will confirm that the data has not been compromised.”

Nevertheless, Craig added, “Serious changes are needed in data protection governmentwide.”

On Tuesday, Nicholson told a congressional subcommittee the agency was requesting at least $160.5 million in emergency funds for new security measures to protect the personal information of veterans and active duty personnel.

He estimated that $29 million of the requested funds would come from the VA’s 2006 budget to cover employee costs at the Veterans Benefit Administration. The other $131.5 million would be reallocated from other areas of the White House budget, he said.

At the time, Nicholson said some of the money -- ranging from $10,000 to $20,000 per veteran or service member whose identity was stolen -- would go to defray their out-of-pocket expenses.