Data on 26.5 million vets--how could you even get this home?

[CookingWithGas]

OtakuLoki:

Cooking with Gas, and Uncommon Sense, I see your points about the media coverage, but I don’t think it could have been avoided. The simple number of people at risk because of this data leak is such that I don’t think they could or should keep quiet about it.

I agree that people needed to be notified that data was compromised. However, I think reporting the details of the theft are unnecessary. The Post article (available for free for two weeks) reported that

The burglary occurred May 3 in Aspen Hill, according to a source with knowledge of the incident who spoke on the condition of anonymity because the matter is under investigation. . . .According to a police report, someone pried open a window to the employee’s home between 10:30 a.m. and 4:45 p.m. on May 3. The burglar or burglars took a laptop, an external drive and some coins.

It could have said, “Data was stolen from a VA employee.” The details are not useful to the victims and the burglar now clearly knows what he stole, although he may not still have it. Even if he doesn’t have a watch or a calendar or a map, I’ll bet he remembers the coins. :rolleyes:

It looks like the government did not officially release this information, but I question the media’s judgement as to whether this information serves the public interest.

[drachillix]

Crotalus:

Thanks for the explanation, drachillix. I’m an applications programmer and haven’t ever run into the need to store vast amounts of data locally. Plus, I can log on from home and access the production database, so downloading would just be a waste of time and space for me.

The big question would of course be the prudence of testing a new app against live data on the system. Everything I have ever seen or heard of with this scale of system test runs on a smaller scale the rolls it out to small segments of an operation to see if anything weird happens.

In my old employers case the nearest branch to the corp HQ was the main guinea pig. If everything ran smoothly with one banch, it was expanded to a region (4-5) branches. If that was ok add in 3-5 more regions, and eventually the whole company.

This also allows for the IT people to forecast cpu and network bandwidth needs for the new software package especially since a newer app is invariably interacting with more information than the old. No biggie for a standalone business but put 80 facilities with 20-30 barcode scanners each, with each scanner making several thousand transactions per day, you start needing some pretty hefty data lines to handle spikes that may or may not already be in place.

Lag in systems of this scale get expensive. having 2,000 employees waiting 30 seconds every time they try to post a transaction comes out to around $150 in labor spent waiting for the system per transaction companywide. 20-30 days later, even a major server upgrade looks pretty cheap.

[Gary_Robson]

CookingWithGas:

My heartburn with all of the media coverage is that if the burglar didn’t know what he had then, he sure knows now.

I just loved the way our local paper headlined the AP story: The headline read “Stolen disks had veterans’ info” with a subhead saying “Burglars may not realize what they have.” Sure they do. You just told them, idiots.