Montgomery County, Md., police arrested two teenagers Friday night and charged them with stealing a laptop from a Department of Veterans Affairs employee’s home, which had become the largest personal data breach in U.S. government history.
Police also believe a juvenile already in custody on unrelated charges was involved in the crime.
Authorities said that the theft, which highlighted poor computer security practices at the Department of Veterans Affairs, appeared to be random and unconnected to the data on the laptop.
Police depicted the suspects as ordinary thieves who are responsible for a string of other local burglaries but did not target the laptop and hard drive, which police say they stole along with jewelry and cash.
“As far as we can determine, this was a random burglary,” Montgomery County Police Chief J. Thomas Manger said at a news conference. “They did not know what they had.”
Manger said police don’t think that the theft was part of a “larger conspiracy.” — Washington Post
The laptop was stolen from the home of VA analyst Wayne Johnson, 60, who reportedly had worked for the department for over 30 years and had been taking the laptop home, complete with personal data on over 26 million veterans and active-duty military, for at least three years.
The VA is firing Johnson, but he is challenging the firing, the Post reported.
The laptop was recovered in June after a person who had the laptop saw reward signs posted for it and contacted U.S. Park Police.
Of course, the worst part of all this is that some mid-level VA bureaucrat waited three weeks to inform Secretary Jim Nicholson of the data theft. A couple of those bureaucrats have since been fired. And while the VA is trying to clean up their computer security act, you can be sure that not much will change. Government computer security has always sucked and probably will always continue to suck.