Tricare Data Breach Affects Millions – Check Your Mail

As you may have heard, personally identifying information regarding up to 4.9 million people was stolen from the possession of a Tricare contractor on September 14, 2011.  The contractor, Science Applications International Corporation (SAIC), was responsible for maintaining information on patients who utilized San Antonio area military treatment facilities, including laboratory work.  As the San Antonio laboratory facilities process certain laboratory tests for military treatment facilities worldwide, this includes a large number of patients who have never been seen in a San Antonio area facility.   As part of the contract, SAIC was required to make backup copies of all information and transporting these backup copies to a remote location.

During transportation, the electronic files were stolen from the transporting vehicle.  Fortunately, the format of the backups requires specific hardware and software to access the data.  It is unlikely that the data will be viewed and used for any malicious purposes, but it is always good to be careful.

If the information were to be accessed, the personally identifying information of patients would be available to be used for fraudulent purposes.  Included information may include names, Social Security Numbers, addresses, dates of birth, phone numbers, laboratory tests, and care provider names and locations.  The Tricare Management Activity has asked SAIC to offer one year of free credit monitoring and identity theft restoration services to all patients whose information may have been included in the compromise files.

Obviously, they had to let people know whether they were involved.  The 4.9 million involved represents over half of all Tricare eligible beneficiaries in the entire world!  Letters were sent to patients whose information may have been involved, including letters to parents if the patient was a minor.  My family received some of these letters recently.  It appears that there are several forms of the letter, because our letters specifically reference laboratory work and the fact that the patient was a minor.

It is important to note that the letter does not specifically mention that in order to utilize the credit monitoring service offered in the letter, you have to call the SAIC Incident Response Call Center mentioned in the last paragraph of the letter.  They are open Monday through Friday, 9 a.m. to 6 p.m. US Eastern Time.  You may call toll free to 855-366-0140.  If you are calling from outside the US, you may call collect to 952-556-8312.  This is the same place to contact if you have other questions that were not answered in the letter.

General information about fighting identity theft can be found at The Federal Trade Commission’s website.

About the Author

Kate Horrell
Kate Horrell is a military financial coach, mom of four teens, and Navy spouse. She has a background in taxes and mortgage banking, and a trove of experience helping other military families with their money. Follow her on twitter @realKateHorrell.

7 Comments on "Tricare Data Breach Affects Millions – Check Your Mail"

  1. I was notified that my data was stolen in this incident. I would love to know how my personal information was in the possesion of civilian contractor. I'm a reservist but I have NEVER been a customer of TRICARE. This is complete garbage, I guess DoD is just handing out our information now.

  2. William
    I hope that the Social security numbers are not used in the next election. Nothing should surprise anyone even if it was an inside job! The DOD should handle the data of all mil Personnel past and present in a closed system.

  3. I just received one of these letters. Here's what I don't like: why is this SAIC place asking me to fill out this form with my ssn, phone number, name, address, dob, signature, and current date, and then they want me to just drop this in the "snail mail" to them??? Yeah, that'll really help with identity protection. And this letter specifically says not to contact them via he internet. I don't trust the entire scenario. I would love to have more answers about how this happened in the first place and how on earth they have not caught who stole the information. We found Bin Laden but we can't find this loser? Get Team 6 on the job!

  4. Yea I thought it was a scam too.. What happens once the one yr of free protection is done

  5. I just got the letter too.. I agree this is outrageous.. There is got to be something that we can do.. i don't think free credit monitoring is sufficient enough.. And it was stolen by mexico.. 4.9 million.. i wonder if the guy that was "transporting" it if he had in his honda civic going to starbucks to get some coffee.. and then they know about this in SEPTEMBER and now we get a letter.. what about commands notifying there people. Or V.A. telling people that are using tricare or better yet make it public and not be like "shit happens" I feel we deserve more answers than just "hey fill the sheet and call it a day"

  6. There should be consequences for such re occurrences for mishandling and/or not securing information such as SSNs, DOBs etc…Employees who are negligent should be fired. I bet none of their personal information was included.

  7. I dont really understand why we have to use the mail if it was tricare members who got their ID stolen why can we send Emails to government emails and have it just digitaly signed. you can sign it on behalf of you and your depentends if theirs were taken. Mailing SSNs is a bad idea unless it is going through the Base Post Office. If our info can get taken from a van it can be taken out of the mail.

Comments are closed.