The VA’s Online Medical Payments Form Was Hacked To Divert Money For Veteran Care

0
40








The personal information of at least 46,000 veterans has been exposed in a data breach at the Department of Veterans Affairs.

According to the VA, the leak is related to an online form used for medical payments.

“VA’s independent inspector general’s investigator is investigating that issue, and in order to protect the integrity of the investigation can’t comment further,” VA spokesperson Christina Noel told Federal News Network.

Personal data of an estimated 48,000 veterans has been exposed.

Source: Pexels
Personal data of an estimated 48,000 veterans has been exposed.

A preliminary review conducted by the VA’s Privacy Office discovered that unauthorized users were able to alter the form to divert submitted payments from the VA to community care health providers, “using social engineering techniques and exploiting authentication protocols.”

“To protect these Veterans, the FSC is alerting the affected individuals, including the next-of-kin of those who are deceased, of the potential risk to their personal information,” the VA reports. “The department is also offering access to credit monitoring services, at no cost, to those whose social security numbers may have been compromised.”

The VA has suffered more than one data breach in the last year.

Source: Pexels
The VA has suffered more than one data breach in the last year.

Veterans who have been impacted by this data breach are being sent notifications by mail.

“Veterans whose information was involved are advised to follow the instructions in the letter to protect their data,” the VA reports. “There is no action needed from veterans if they did not receive an alert by mail, as their personal information was not involved in the incident.”

The VA’s Office of Information and Technology is expected to complete a security review before the online payment system is restored.

Hackers used social engineering to gain access to the VA's medical payments system.

Source: Pexels
Hackers used social engineering to gain access to the VA’s medical payments system.

Close to 200,000 Social Security numbers and other sensitive information stored by the Defense Information Systems Agency was exposed between May and July 2019. The DISA followed up with letters to those impacted, many rightfully upset that “a U.S. defense agency charged with providing information technology and communications support to the U.S. government, including the president and other senior officials,” as TechCrunch reports, would be so lax in its own security measures.

According to The Hill, both of these events pale in comparison to the VA’s 2006 data breach, when “a computer disk was stolen that contained the names, Social Security numbers and birth dates of around 26.5 million veterans, including several lawmakers.”

Worst Wildfires In Recent History Burn Up West Coast States, 10 Dead So Far: Click “Next” below!

Matthew Russell is a West Michigan native and with a background in journalism, data analysis, cartography and design thinking. He likes to learn new things and solve old problems whenever possible, and enjoys bicycling, going to the dog park, spending time with his daughter, and coffee.



Source link