UPDATED 23:27 EDT / SEPTEMBER 14 2020

SECURITY

Cybersecurity incident leads to 46,000 records being stolen from VA

Personally identifiable information relating to about 46,000 U.S. military veterans has been stolen in a cybersecurity incident involving a payments website operated by the Department of Veterans Affairs.

The data breach involved “unauthorized users” gaining access to a VA application and changing financial information to divert payments from the department to community care providers “using social engineering techniques and exploiting authentication protocols.”

The application in question was taken offline by the Financial Services Center of the VA to prevent future improper access. “System access will not be reenabled until a comprehensive security review is completed by the VA Office of Information Technology,” the VA said in a statement today.

Veterans and family members of deceased veterans who have been affected are being alerted by the VA of the data breach, with credit monitoring services also being offered at no cost to those whose Social Security numbers may have been compromised.

“The federal government has a bigger responsibility to protect the systems they use to transact their business because the potential for damage is much higher,” Brandon Hoffman, chief information security officer at IT service management firm NetEnrich Inc., told SiliconANGLE. “In the past, federal government systems breaches have led to significant damage. In this case, the VA serves part of America that really doesn’t need any more hassle. The latitude given to federal agencies is also something that is worth discussing. There still remains not central policy governing security and data resiliency across the federal government at large.”

Tim Wade, technical director of the CTO Team at artificial intelligence cybersecurity company Vectra AI Inc., noted that “given that the loss of records safeguarded by the federal government has been in batches of hundreds of thousands, or even millions in recent memory, it is probably a relief to someone somewhere that this breach accounts for less than 50,000.”

“That we’re framing this loss in that context just further underscores the need for federal systems to rapidly modernize IT security capabilities,” Wade added. “Leadership at the top must take accountability and cultural changes must occur, if we are to expect these patterns to abate.”

Image: Department of Veterans Affairs

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU