“The Financial Services Center (FSC) determined one of its online applications was accessed by unauthorized users to divert payments to community health care providers for the- medical treatment of Veterans. The FSC took the application offline and reported the breach to VA’s Privacy Office,” the statement said.
“To prevent any future improper access to and modification of information, system access will not be reenabled until a comprehensive security review is completed by the VA Office of Information Technology,” it added.
The VA did not immediately respond to CNN’s request for additional information about the breach, including questions related to who is believed to be responsible and whether any money was diverted from veterans who were affected.
Later Monday, department spokeswoman Christina Noel told CNN: “VA’s independent inspector general is investigating that issue, and in order to protect the integrity of the investigation, VA can’t comment further.”
The department is taking steps to alert veterans whose information was compromised.
“To protect these Veterans, the FSC is alerting the affected individuals, including the next-of-kin of those who are deceased, of the potential risk to their personal information. The department is also offering access to credit monitoring services, at no cost, to those whose social security numbers may have been compromised,” Monday’s statement said.
“Veterans whose information was involved are advised to follow the instructions in the letter to protect their data. There is no action needed from Veterans if they did not receive an alert by mail, as their personal information was not involved in the incident,” it adds.