Personal information of 46,000 veterans was compromised in breach

Personal information of 46,000 veterans was compromised in breach

Written by

Jackson Barnett

The Department of Veterans Affairs notified veterans Monday morning of a data breach that resulted in the exposure of 46,000 veterans’ personal information.

The breach appears to have stemmed from unauthorized users accessing an application within the Financial Service Center (FSC) to steal payment away from community health care providers.

The VA said malicious actors used “social engineering techniques” and exploited “authentication protocols” to gain access to the system. Affected veterans have been notified with information on how to protect themselves given the breach, the department said.

“A preliminary review indicates these unauthorized users gained access to the application to change financial information and divert payments from VA,” a press release states. “To prevent any future improper access to and modification of information, system access will not be reenabled until a comprehensive security review is completed by the VA Office of Information Technology.”

The faulty applications used to gain access to the FSC system and alter information to falsely receive payments have been taken offline and system access has been disabled pending a security review.

The VA did not return a request for comment before publication. It’s unclear if the department has identified who was behind the attack or how much was taken in the scheme.

Source Article