Former US Naval Research Laboratory employee charged with theft
Technorati Tag: Security Breach
Date Reported:
10/1/08
Organization:
United States Navy (Department of the Navy)
Contractor/Consultant/Branch:
Office of Naval Research (ONR)
US Naval Research Laboratory
Location:
Washington, DC
Victims:
"employees and contractors who worked at the laboratory from 1998 to 2002"
Number Affected:
14
Types of Data:
"private information"
Breach Description:
"A former computer systems administrator for the Naval Research Laboratory pleaded guilty today to a federal charge stemming from the theft of nearly 19,000 pieces of computer and office equipment."
Reference URL:
The Examiner (Washington DC) via WTOP
The Washington Post
Network World
Report Credit:
The Examiner
Response:
From the online sources cited above:
After Victor Papagno Jr. was arrested on a domestic violence charge in August 2007, his wife, Andrea, told his bosses at the Naval Research Laboratory that she wanted his work stuff out of the house, federal sources said.
Navy officials didn't know what she was talking about.
When they showed up at the Papagno's Calvert County home, authorities found a crime scene: 19,709 pieces of stolen computer equipment from the Navy lab - hard drives, CDs, zip drives, floppy disks - worth up to $1.6 million, according to court documents and Navy officials.
[Evan] 19,709 stolen items, and nobody at the Naval Research Laboratory noticed?!
Papagno, 40, the computer administrator for the Navy research lab, had accumulated so much hardware that some of the boxes had to be stored at neighbors' homes
[Evan] Wow! What do these people think? Do they think?
Among other things, prosecutors said, Papagno has admitted taking more than 100 personal computers, 167 computer keyboards, 275 computer mice, 80 computer monitors, 187 printer toner cartridges, and nearly 5,000 pieces of computer software
[Evan] As important as or more important than the hardware is the information. It would be very interesting to know what information was exposed. Do you think that Mr. Papagno securely destroyed the information on the computers and hard drives before stealing them? Maybe he stole them from a storage facility and the computers and hard drives were wiped beforehand. It could happen.
Victor Papagno is scheduled to appear today in a federal courtroom in the District to plead guilty to theft of government property.
His attorney, Thomas Joseph Kelly Jr., said the plea agreement was "fragile" and he could not comment about the case.
NRL spokesman Dick Thompson said that no secret technological information had been breached in the computer equipment theft.
[Evan] I presume that one of the first tasks conducted by the NRL was to determine the amount and type of information exposed.
A review found that the private information of 14 employees and contractors who worked at the laboratory from 1998 to 2002 had been found on CDs or zip drives, and those people were contacted
[Evan] All of this equipment and only 14 people have their personal information exposed?
According to charging documents, from 1997 to 2007, Papagno took the equipment home for his own personal use and for family and friends
[Evan] This guy was stealing from his employer for 10 years.
Papagno, who started working for NRL in 1989, resigned on Aug. 20
That was three days after his arrest for domestic violence. His wife dropped the charges.
[Evan] She probably figures that her husband is in enough trouble as it is. Do you think she feels some regret for tipping off Naval officials?
Under sentencing guidelines, he faces a likely term of 12 to 18 months in prison. U.S. District Judge Paul L. Friedman set his sentencing for Dec. 22.
Commentary:
This is crazy. A guy working for the NRL steals over 19,000 items from his employer over the course of 10 years without detection. He steals so much stuff that he starts to store it at his neighbor’s house. Still no detection. He assaults his wife. She calls his employer, and he gets busted.
Rule #1: Do NOT tick off your wife. If you do, swallow your pride, apologize and leave it at that.
Rule #2: Crime doesn't pay. Especially if you are dumb.
I don't work for NRL and I am not intimately familiar with the controls they use, but I would guess that they use some pretty sophisticated surveillance. I would also guess that they use security guards. How does a guy get out the door with so much equipment, no questions asked?
Past Breaches:
January, 2008 - The Naval Surface Warfare Center warns employees
Date Reported:10/1/08
Organization:
United States Navy (Department of the Navy)
Contractor/Consultant/Branch:
Office of Naval Research (ONR)
US Naval Research Laboratory
Location:
Washington, DC
Victims:
"employees and contractors who worked at the laboratory from 1998 to 2002"
Number Affected:
14
Types of Data:
"private information"
Breach Description:
"A former computer systems administrator for the Naval Research Laboratory pleaded guilty today to a federal charge stemming from the theft of nearly 19,000 pieces of computer and office equipment."
Reference URL:
The Examiner (Washington DC) via WTOP
The Washington Post
Network World
Report Credit:
The Examiner
Response:
From the online sources cited above:
After Victor Papagno Jr. was arrested on a domestic violence charge in August 2007, his wife, Andrea, told his bosses at the Naval Research Laboratory that she wanted his work stuff out of the house, federal sources said.
Navy officials didn't know what she was talking about.
When they showed up at the Papagno's Calvert County home, authorities found a crime scene: 19,709 pieces of stolen computer equipment from the Navy lab - hard drives, CDs, zip drives, floppy disks - worth up to $1.6 million, according to court documents and Navy officials.
[Evan] 19,709 stolen items, and nobody at the Naval Research Laboratory noticed?!
Papagno, 40, the computer administrator for the Navy research lab, had accumulated so much hardware that some of the boxes had to be stored at neighbors' homes
[Evan] Wow! What do these people think? Do they think?
Among other things, prosecutors said, Papagno has admitted taking more than 100 personal computers, 167 computer keyboards, 275 computer mice, 80 computer monitors, 187 printer toner cartridges, and nearly 5,000 pieces of computer software
[Evan] As important as or more important than the hardware is the information. It would be very interesting to know what information was exposed. Do you think that Mr. Papagno securely destroyed the information on the computers and hard drives before stealing them? Maybe he stole them from a storage facility and the computers and hard drives were wiped beforehand. It could happen.
Victor Papagno is scheduled to appear today in a federal courtroom in the District to plead guilty to theft of government property.
His attorney, Thomas Joseph Kelly Jr., said the plea agreement was "fragile" and he could not comment about the case.
NRL spokesman Dick Thompson said that no secret technological information had been breached in the computer equipment theft.
[Evan] I presume that one of the first tasks conducted by the NRL was to determine the amount and type of information exposed.
A review found that the private information of 14 employees and contractors who worked at the laboratory from 1998 to 2002 had been found on CDs or zip drives, and those people were contacted
[Evan] All of this equipment and only 14 people have their personal information exposed?
According to charging documents, from 1997 to 2007, Papagno took the equipment home for his own personal use and for family and friends
[Evan] This guy was stealing from his employer for 10 years.
Papagno, who started working for NRL in 1989, resigned on Aug. 20
That was three days after his arrest for domestic violence. His wife dropped the charges.
[Evan] She probably figures that her husband is in enough trouble as it is. Do you think she feels some regret for tipping off Naval officials?
Under sentencing guidelines, he faces a likely term of 12 to 18 months in prison. U.S. District Judge Paul L. Friedman set his sentencing for Dec. 22.
Commentary:
This is crazy. A guy working for the NRL steals over 19,000 items from his employer over the course of 10 years without detection. He steals so much stuff that he starts to store it at his neighbor’s house. Still no detection. He assaults his wife. She calls his employer, and he gets busted.
Rule #1: Do NOT tick off your wife. If you do, swallow your pride, apologize and leave it at that.
Rule #2: Crime doesn't pay. Especially if you are dumb.
I don't work for NRL and I am not intimately familiar with the controls they use, but I would guess that they use some pretty sophisticated surveillance. I would also guess that they use security guards. How does a guy get out the door with so much equipment, no questions asked?
Past Breaches:
January, 2008 - The Naval Surface Warfare Center warns employees
Posted by Evan Francen at 10/6/2008 11:40 AM 
Categories: Employee Theft, US Naval Research Lab, United States Navy
Categories: Employee Theft, US Naval Research Lab, United States Navy
Posts Atom 1.0
Comments