Veterans Affairs Deputy Assistant Secretary steps down over theft
Michael H. McLendon is a Veterans Affairs (VA) Deputy Assistant Secretary who didn't immediately notify top officials about a theft of millions of veterans' personal information is stepping down, citing missteps that led to the security breach. Michael H. McLendon, deputy assistant secretary for policy who supervised the VA data analyst who lost the data, said he would relinquish his high-level post on Friday.
“Words are inadequate to describe how I feel about these recent events and the impact on the band of brothers and sisters of service members and veterans that we are supposed to serve,” McLendon wrote in a letter obtained Tuesday by The Associated Press.
“Given that this very serious and tragic event occurred on my watch and in my organization, I feel it necessary that I tender my resignation,” stated the letter, which was submitted to the VA late Friday. “I would be modeling the wrong behavior to my staff and others in VA if I took no action to be responsible.”
Michael H. McLendon, VA deputy assistant secretary for policy, learned of the May 3 burglary less than an hour after the worker (GS-14) reported it to his supervisors and to Montgomery County police, according to a briefing document, given to congressional committees this week by the VA. McLendon met with two high-ranking VA information security specialists the next day.
The briefing document reveals new details about the 60-year-old man at the heart of the scandal. He is a senior-level career employee working as an information technology specialist in the Office of Policy. As a GS-14 level employee, he earns between $91,407 and $118,828 a year.
Among items stolen from his Aspen Hill home was an external computer hard drive that VA officials say contained the unencrypted names, birthdates and Social Security numbers of 19.6 million to 26.5 million veterans.
In a meeting with McLendon two days after the theft, the employee "assumed full responsibility, acknowledging he knew he should not have taken the data out of the office," the summary says. James J. O'Neill, VA deputy assistant inspector general for investigations, said in an interview yesterday that the employee is cooperating fully in the investigation. "He reported it [the theft] immediately, and he certainly could have kept it quiet," O'Neill said.
According to the document, Dennis M. Duffy, acting assistant secretary for policy, planning and preparedness, was told of the theft May 5. Duffy asked VA computer security specialists to determine the extent of the data lost and three days later asked them to draft a memo. McLendon convened a meeting of the Office of Policy staff May 9 to stress the importance of data security and had the data analyst discuss his experience.
It was not until that day, May 9, that Duffy informed VA Chief of Staff Thomas Bowman about the theft, suggesting that senior management should discuss the department's obligations to notify veterans whose data may have been compromised. Bowman told Deputy Secretary Gordon Mansfield, the department's No. 2 official, the next afternoon, but neither man informed Nicholson until May 16, the document shows.
Nicholson told the White House that day and informed Congress and the public six days later, on May 22.
"What the timeline shows is that, once he was informed, the secretary acted quickly, decisively and in the best interest of veterans," said Matt Burns, a VA spokesman.
The 60 year old data analyst will be dismissed while the acting head of the division in which he worked, Dennis Duffy, has been placed on administrative leave, VA Secretary Jim Nicholson said Tuesday.
“Words are inadequate to describe how I feel about these recent events and the impact on the band of brothers and sisters of service members and veterans that we are supposed to serve,” McLendon wrote in a letter obtained Tuesday by The Associated Press.
“Given that this very serious and tragic event occurred on my watch and in my organization, I feel it necessary that I tender my resignation,” stated the letter, which was submitted to the VA late Friday. “I would be modeling the wrong behavior to my staff and others in VA if I took no action to be responsible.”
Michael H. McLendon, VA deputy assistant secretary for policy, learned of the May 3 burglary less than an hour after the worker (GS-14) reported it to his supervisors and to Montgomery County police, according to a briefing document, given to congressional committees this week by the VA. McLendon met with two high-ranking VA information security specialists the next day.
The briefing document reveals new details about the 60-year-old man at the heart of the scandal. He is a senior-level career employee working as an information technology specialist in the Office of Policy. As a GS-14 level employee, he earns between $91,407 and $118,828 a year.
Among items stolen from his Aspen Hill home was an external computer hard drive that VA officials say contained the unencrypted names, birthdates and Social Security numbers of 19.6 million to 26.5 million veterans.
In a meeting with McLendon two days after the theft, the employee "assumed full responsibility, acknowledging he knew he should not have taken the data out of the office," the summary says. James J. O'Neill, VA deputy assistant inspector general for investigations, said in an interview yesterday that the employee is cooperating fully in the investigation. "He reported it [the theft] immediately, and he certainly could have kept it quiet," O'Neill said.
According to the document, Dennis M. Duffy, acting assistant secretary for policy, planning and preparedness, was told of the theft May 5. Duffy asked VA computer security specialists to determine the extent of the data lost and three days later asked them to draft a memo. McLendon convened a meeting of the Office of Policy staff May 9 to stress the importance of data security and had the data analyst discuss his experience.
It was not until that day, May 9, that Duffy informed VA Chief of Staff Thomas Bowman about the theft, suggesting that senior management should discuss the department's obligations to notify veterans whose data may have been compromised. Bowman told Deputy Secretary Gordon Mansfield, the department's No. 2 official, the next afternoon, but neither man informed Nicholson until May 16, the document shows.
Nicholson told the White House that day and informed Congress and the public six days later, on May 22.
"What the timeline shows is that, once he was informed, the secretary acted quickly, decisively and in the best interest of veterans," said Matt Burns, a VA spokesman.
The 60 year old data analyst will be dismissed while the acting head of the division in which he worked, Dennis Duffy, has been placed on administrative leave, VA Secretary Jim Nicholson said Tuesday.