U.S. lawmakers said Thursday they have learned of two more data breaches at the U.S. Department of Veterans Affairs (VA), even as the agency announced that law enforcement agencies had recovered stolen computer hardware containing the personal information of millions of U.S. military veterans.The House of Representatives Veterans Affairs Committee has learned of a May 5 incident in which a data tape disappeared from a VA facility in Indianapolis, Ind., and a 2005 incident in which a VA laptop was stored in the trunk of a car that was stolen in Minneapolis, Minn., said Rep. Steve Buyer, chairman of the committee.Also on Thursday, Pedro Cadenas Jr., the VA’s chief information security officer, submitted his resignation. Cadenas, at the VA since 2002, had also served as acting deputy chief information officer at the VA in recent months. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe Before the Thursday morning hearing, VA Secretary James Nicholson said law enforcement agencies had recovered a laptop and hard drive stolen from a VA analyst’s home in early May. The Federal Bureau of Investigation, after conducting forensics on the hardware, determined the personal data of 26.5 million veterans and their spouses was not accessed by the thieves, Nicholson later said. Buyer, an Indiana Republican, said he was surprised at Cadenas’ resignation, which comes on the heels of former VA CIO Robert McFarland’s resignation earlier this year. Nicholson said lawmakers should expect more resignations as he tries to overhaul the IT security practices at the agency.But the VA leadership has generally dismissed concerns raised by past CIOs and CISOs that the agency’s decentralized IT management structure hurts IT security, Buyer said. “Maybe the wrong people are leaving,” he said. However, Buyer and other committee members praised Nicholson for a plan that includes an overhaul of the agency’s IT department and a memo giving the VA CIO new authority. Nicholson’s response Thursday was a big change from the slow reaction following the data theft, Buyer said. “Mr. Secretary, you have stepped forward,” Buyer added. “You’re off your heels and on your toes.”Nicholson and other VA officials detailed the two other data breaches to the committee. The Indiana data tape contained information on more than 16,500 legal cases involving U.S. veterans, VA officials told committee members during a hearing on data security. The information could include veterans’ Social Security numbers, dates of birth and legal documents, VA officials said.In the Minnesota case, the laptop contained the personal information of 66 people, and two people later reported identity fraud problems, VA officials said.Buyer said the Indiana case concerned him because some of the facts paralleled the stolen laptop incident.Nicholson was told by assistants of the stolen laptop nearly two weeks after it happened, and he was told about the May 5 data tape incident on May 23 or 24, he said.Buyer and Rep. Bob Filner, a California Democrat, both questioned Nicholson’s decision to attempt to fire the analyst whose house was broken into. Filner brought documents to the committee showing the analyst had authorization to use VA software at home and to take laptops home. The analyst is facing a hearing to determine if the VA can fire him. Filner questioned Nicholson’s statements suggesting the analyst was guilty of gross negligence. “It seems to me that the gross negligence is in the policies,” he said.— Grant Gross, IDG News Service (Washington Bureau)For more information, read Data Theft at the VA. (CSOonline.com)Check out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content feature 4 reasons why gen AI projects fail Data issues are still among the chief reasons why AI projects fall short of expectations, but the advent of generative AI has added a few new twists. By Maria Korolov Oct 04, 2023 9 mins Data Science Data Science Data Science feature What a quarter century of digital transformation at PayPal looks like Currently processing a volume of payments worth over $1.3 trillion, PayPal has repeatedly staked its claim as a digital success story over the last 25 years. But insiders agree this growth needs to be constantly supported by reliable technological ar By Nuria Cordon Oct 04, 2023 7 mins Payment Systems Digital Transformation Innovation news analysis Skilled IT pay defined by volatility, security, and AI Foote Partners’ Q3 report on IT skills pay trends show AI and security skills were in high demand, and the value of cash-pay premiums was more volatile but their average value across a broad range of IT skills and certifications was slightly do By Peter Sayer Oct 04, 2023 6 mins Certifications Technology Industry IT Skills brandpost Future-Proofing Your Business with Hyperautomation By Veronica Lew Oct 03, 2023 7 mins Robotic Process Automation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe