The Department of Veterans Affairs (VA) of USA revealed that he had suffered a security breach, during which the personal data of approximately 46.000 war veterans were personally stolen. According to officials, the breach took place after hackers acquired access on an online application managed by the Financial Services Center (FSC) of VA.
The Ministry of Veterans Affairs announced that hackers used techniques social engineering and exploited the authentication protocol to gain access to the FSC application and then divert payments of the VA intended for health care providers, for the medical care and treatment of U.S. war veterans.
While officials are still investigating the incident, the Department of Veterans Affairs estimates that hackers may also have gained access to archives veterans, which include sensitive and confidential information, such as social security numbers.
In addition, the Ministry stated in a press release that for protection of these veterans, the FSC warns those affected by the security breach, including relatives of those who have died, that their personal information is at stake.
The Ministry also offers free access to services monitoring financial records of those whose social security numbers may have been exposed after the breach of security. Once the violation was identified, the implementation of the FSC was shut down and the Ministry took the necessary steps to prevent and mitigate any harm to these individuals. VA officials also said they do not intend to reinstate the application until the ministry's IT Office completes the security check.
It is worth noting that this is not the first time the Ministry of Veterans Affairs has revealed that it has suffered a security breach. In 2006, the biggest personal information breach ever uncovered was revealed - strangers stole one laptop and an external hard drive, which contained the personal files of 26 million veterans, their spouses and "active duty" individuals. The incident took place in the context of a robbery at the home of an official of the Ministry, who was allowed to work from home. Later, however, the Inspector General stated that the perpetrator was found guilty of his act.