U.S. Dept of Veterans Affairs data breach affects 46,000 veterans

The U.S. Department of Veterans Affairs (VA) has suffered a data breach that has led to the exposure of personal information for over 46,000 veterans.

The VA department was created to ensure United States veterans receive the health services, benefits, and care they deserve.

In a data breach notification released yesterday, the VA states that hackers breached their systems to steal payments earmarked for health care providers who provided treatment to veterans.

“The Financial Services Center (FSC) determined one of its online applications was accessed by unauthorized users to divert payments to community health care providers for the­ medical treatment of Veterans. The FSC took the application offline and reported the breach to VA’s Privacy Office,” states the VA’s notification.

An investigation conducted by the agency determined that unauthorized users gained access to their systems through social engineering and by exploiting authentication protocols.

To prevent further unauthorized access, the VA has shut down access to its systems until the VA Office of Information Technology completes a thorough investigation.

While the VA has not stated what personal information was released, due to the breached systems’ nature, it could be veterans’ names, addresses, social security numbers, phone numbers, and possibly medical information.

Also Read: PDPA Breach Penalty Singapore: How Can Businesses Prevent

The VA  Financial Services Center (FSC) is contacting all affected individuals, including the next-of-kin of those deceased, to warn them of the risk to their data.

All victims whose social security numbers were exposed will also be receiving free credit monitoring services.

What affected veterans should do

It is unclear what information was leaked in this data breach, but we know for some veterans that their social security number was leaked.

Due to this, it is strongly advised that all affected people closely monitor their credit history for fraudulent activity.

If anything is detected, they should immediately contact the VA and the associated companies to report the fraud.

Affected people should also be on the lookout for targeted phishing campaigns that may include information stolen during this attack.

If emails are received with links that ask you to login or submit personal information, they should be ignored, and the VA should be contacted to determine the email’s legitimacy.

If free credit monitoring is offered, it is strongly advised that you use it to monitor your credit report.

Also Read: How To Anonymised The Data: What Are The Importance of This?