The Department of Veterans Affairs notified veterans Monday morning of a data breach that resulted in the exposure of 46,000 veterans’ personal information.
The breach appears to have stemmed from unauthorized users accessing an application within the Financial Service Center (FSC) to steal payment away from community health care providers.
The VA said malicious actors used “social engineering techniques” and exploited “authentication protocols” to gain access to the system. Affected veterans have been notified with information on how to protect themselves given the breach, the department said.
“A preliminary review indicates these unauthorized users gained access to the application to change financial information and divert payments from VA,” a press release states. “To prevent any future improper access to and modification of information, system access will not be reenabled until a comprehensive security review is completed by the VA Office of