Veterans Breach Renews Fight On DataSecurity

WASHINGTON - (05/25/06) – This week’s revelation ofa huge new loss of private information at the U.S. Department ofVeterans Administration has renewed congressional interest in acredit union-backed bid to target responsible parties in databreaches. Credit union lobbyists were working with lawmakers to adda provision to pending data security legislation which wouldrequire parties responsible for data breaches, includingthird-party processors, retailers or financial institutions, to payall costs accrued by affected consumers or businesses. Such arequirement is not currently in any of the half-dozen data securitybills being debated by Congress but credit union lobbyists areworking with lawmakers in the wake of the VA case to ensure thatcredit unions are not stuck holding the bill for any related costs.This issue has become the top priority for credit unions, whichhave spent millions of dollars over the past two years to recall,then reissue, more than a million credit and debit cards at riskfor fraud because of stolen data. Several lawmakers during a debatein the House Financial Services Committee Wednesday cited thisweek’s VA revelation, in which names and personal informationfor as many as 26 million military veterans were stolen on acomputer disc, as the latest in a growing number of reasons whyCongress needs to enact new laws. “This breach is just thelatest in a number of enormous breaches that highlight the need fora national (security) standard,” said Rep. Darlene Hooley,D-Ore. Hooley, also a member of the Committee on Veterans Affairs,said she will work to ensure the VA has adequate funding to notifyand affected veterans and to pay for any costs to resolve relatedidentity theft cases.