Hackers breached a payment application used by the U.S. Department of Veterans Affairs, compromising the personal information of at least 46,000 veterans. The hackers managed to gain access to the application using “social engineering techniques and exploiting authentication protocols.” Once the unauthorized users were in the system, they were able to change payment information and divert funds from the VA.
The application has been taken offline and will undergo a comprehensive security review conducted by the VA’s Office of Information Technology.
Veterans who were impacted by the breach will receive a letter that will provide more information, and the next steps for the victims.
“To protect these Veterans, the [VA’s Financial Services Center], is alerting the affected individuals, including the next-of-kin of those who are deceased, of the potential risk to their personal information. The department is also offering access to credit monitoring services, at no cost, to those whose social security numbers may have been compromised,” the department said in a statement.
Officials have not said if they know who is responsible or if any money was stolen from the personal accounts of the veterans.