| East Lake -- It is happy hour in a paneled, east Birmingham tavern - American Legion post 171 -- and the aroma of beer, hot dogs and plumes of cigarette smoke permeate the noisy, windowless place.
Conversations criss-cross from seat to bar and all points in between. Among the topics, what happened at the hospital many of these veterans use.
"I think it's a concern to everybody, obviously."
Army veteran Jerry Brown served during the Vietnam era and says he's been trying to keep up with all that's going on. But he says he knows from past experience, the matter - however serious - will somehow be resolved.
"Uh, it's something that could cause a lot of people a lot of problems, but I'm confident that the VA will handle it. We have a very good hospital here and I think it will be handled."
Eddie Finton is a bit more skeptical, saying that a possible breach could have national security implications.
"How many of those people had different security levels that their names could now be breached ... so that would be more of a concern than a hacker going in and using that type of information for personal gain."
Whatever the opinion, the debate seems to be shifting from the ineptitude of losing the drive in the first place to the fact that so many names are included, to -- and most contentious now -- why it took three weeks for the VA to say anything to those affected.
Department of Veterans' Affairs spokesman Matt Burns says investigators wanted to know exactly what had happened before going public.
"The Inspector General and other investigators needed time and were in communication with the department. They felt they needed time to get on the ground and determine a) was this in fact missing b) whether or not it was a criminal act involved and they wanted to be able to gather facts before jumping to any conclusions about what may've been involved."
Birmingham Congressman Artur Davis says the bottom line is that the information went missing; that, yes, there should be a thorough investigation into what happened, but in the meantime, the people involved should've been notified.
"Under either scenario, there is a risk of the sensitive information being put in the wrong hands. So the obligation, in my opinion, should've been to notify the affected individuals and to empower them to take steps to protect themselves."
To help with that, the VA is offering free credit monitoring for a year for those affected. One Army vet, Jim Fraunaugh, who may be on the list, says this latest incident should be a wake up call for government.
"They need to tighten up, get it together and take care of the veterans. There's millions that have died for this country and now we're exposing them to things that we don't know what may be to them."
Just last week, VA Secretary Jim Nicholson testified before the Senate Veterans Affairs Committee about the agency's budget, which includes more than $1.8 (B) billion for technology and data protection. Because of the theft of a laptop and hard drive last year the agency was in the process of updating its security and encryption. But portions of the data on the Birmingham drive were not encrypted.
~Steve Chiotakis, February 19, 2007