The U.S. Department of Veteran Affairs (VA) has suffered a data breach that exposed the personal information of over 46,000 veterans. In the data breach notification, the VA states that the attackers breached their systems to redirect payments that were earmarked for health care providers who helped veterans. During an internal investigation, it was determined that the attackers gained access to the VA through social engineering and by exploiting authentication protocols. To stop further harm, the VA shut down access to its systems until the investigation could be completed. While the VA has not stated what information was released, due to the nature of the breach, it potentially contained veteran’s names, addresses, SSNs, phone numbers, and possibly private medical information. The VA is contacting all affected individuals, including the next-of-kin of deceased veterans, to warn them of the risk to their data. All veterans whose SSNs were exposed will also be receiving free credit monitoring services.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in