August 10, 2006 4:27 PM PDT

VA laptop breach victims to get free ID monitoring

The Department of Veterans Affairs announced Wednesday that it has accepted an offer from an analytics company to monitor veterans' personal data for free.

Until a routine security audit is approved, the agency will hand over the data, which was breached as a result of a laptop theft, to ID Analytics. The California-based company, which specializes in identity risk management, will look for patterns of misuse.

ID Analytics said it is offering its service to veterans for free in an effort to get out the word on its new technology.

Using its own Graph Theoretic Anomaly Detection technology, ID Analytics promises to trace and map the life of any identity it is given, as well as of identities or institutions associated with that individual. It then analyzes the map for anomalous activity in behavior patterns.

"You can't detect fraud by looking at one person. You look at the person and their relationships, and how those have moved across the time, and what kind of pattern that might create," said Mike Cook, a vice president at ID Analytics.

The company does this by analyzing the data inside something it calls the "ID Network." This is a gigantic database that contains information from participating credit card companies, financial institutions, telecom companies, retail lenders, government agencies and, soon, health care agencies. ID Analytics started the ID Network about four years ago. It now contains more than 3 billion "identity elements" that cover where and how personal details have been used over time, Cook said.

The company has strict policies on security and secrecy. Unlike many credit monitoring and reporting agencies, it does not sell or share any of the personal information it collects. It also keeps all of its data encrypted, Cook said.

"What impresses us most about them is that data goes in and data does not come back out," said Jay Foley, executive director of the Identity Theft Resource Center.

The VA laptop at the center of the controversy was stolen in May and recovered in June. Its suspected thieves were arrested on Saturday. The suspects claimed ignorance of the stolen laptop's sensitive contents.

See more CNET content tagged:
analytics, risk management, veteran, agency, monitoring


Join the conversation!
Add your comment
VA laptop breach
If Bush can't get the government to get the information he wants then use the "I'll protect you" theme to get my trust.....NOT !!!!!
I'm very sad to say I do not trust the Republican or the Passive Democrats with any of my Information. The past six years they have stipped me of every ounce of security I had. I'll fight for it if I have to!
Posted by Domestech (8 comments )
Reply Link Flag
Your Rant
paranoia: n.
* A psychotic disorder characterized by delusions of persecution with or without grandeur, often strenuously defended with apparent logic and reason.
* Extreme, irrational distrust of others.
Posted by kakodes (12 comments )
Link Flag
About Time
This is the least they can do after such an egregious lack of security risk measures to our U.S. Veterans information <a class="jive-link-external" href="" target="_newWindow"></a>

Especially since earlier this week it was reported this week that another 38,000 Vets IDs were breached after a machine disappeared from Unisys, a subcontractor <a class="jive-link-external" href="" target="_newWindow"></a>
Posted by marileev (292 comments )
Reply Link Flag
But will they ever make up their minds?
The Dept. of Veterans Affairs has once before announced that they will offer credit monitoring to these vets. Then followed an announcement that such security measure isn't "necessary"... now they're saying they'll offer it again?
"About time" is right, and hopefully they've made up their mind for the last time.
Posted by ml_ess (71 comments )
Link Flag
Yet another security risk
Having such a database in the first place... followed by publicizing it openly in the news makes it yet another fair game for hackers with intent on stealing the patterns which this group has come up with.

And as such information is held so secretly, there's no telling who they might sell such information to such as advertisers, etc. to pattern their SPAM to those users.

Once such data has been accessed (and it will only be a period of time before it is breached), if the hackers continue to use that data following the patterns already know... it will be virtually impossible to trace them using that method any more.

Posted by wbenton (522 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.