Quote:
An internal VA memo from the Corporate Data Center Operations in Austin, Texas, obtained by FedScoop, said the incident occurred Jan. 15 at 10 p.m. ET when 20 veterans called the VA help desk complaining the eBenefits system had presented them with information belonging to other veterans.
“Veteran A was able to access any of the information available in eBenefits for Veteran B, but it is unknown if Veteran A moved past the initial welcome page,” the memo states. “VA IT specialists are investigating whether or not logs can be pulled showing which pages were accessed. Approximately 10,000 users logged in to eBenefits on Jan. 15 so IT specialists are investigating in attempt to narrow the time frame of when the incident began and ended.”
CDCO is a unique public-private data center partnership known as a Franchise Fund Organization. Authorized by the Government Management Reform Act of 1994, CDCO manages more than 1,800 servers for a multitude of government agencies. It operates on a fee-for-service basis, rather than receiving direct federal funding. VA said in a statement Friday afternoon the incident stemmed from a “software defect” introduced “during a process to improve” the system.
Once the number of users affected by the problem is determined, VA “will take the appropriate response, which may include free credit monitoring for the affected individuals,” according to the statement.
|
Users could see other peoples data, but
no mention of being able to change anything.
Fortunately it looks like this is the same as those credit card breaches, where private information is stolen, rather than benefits been messed with.