The decision to cancel the offer was made because of the "high degree" of confidence expressed by the FBI that the data hadn't been accessed or compromised, VA Secretary R. James Nicholson testified at a Senate committee hearing last Thursday. The FBI, which recovered the stolen equipment on June 29, issued a final report to the VA on its evaluation of the data last week.
Nicholson said that instead of paying for credit-monitoring services, the VA will soon retain an identity risk management and fraud-monitoring company to track whether any of the data is being misused.
The credit-monitoring cost had been pegged at US$160.5 million. Nicholson wouldn't specify what the VA expects to pay to monitor for fraud. But, he said, "it is surprisingly inexpensive."
Tim O'Pry, chief technology officer at The Henssler Financial Group in Kennesaw, Ga., is one of the veterans whose personal data was exposed. O'Pry said it's important to know how and why the FBI and VA are so confident that the information wasn't compromised.
"At a minimum, they should have a reputable third party validate that claim," O'Pry said. "If it is accurate, then withdrawing the [credit-monitoring] offer is reasonable."