Almost 1000 veterans’ data compromised by Oregon VA

The Salem based Oregon Department of Veterans’ Affairs has announced that the personal information of hundreds of veterans may have been compromised in a data breach.

According to ODVA department Director Cameron Smith, discharge and release papers of hundreds of veterans may have found their way into the possession of an unauthorized person.  The compromised information was on the DD214 certificate of release or discharge from active duty. There is no further information on how the documents got into the hands of an unauthorized person, or who the unauthorized person was.  Director Smith said that there is currently no evidence that any of the information has been used maliciously.

“A full investigation is pending,”said Director Smith.”It appears that 967 veterans’ personal information was shared outside of our control with an individual outside of our agency.”

Director Smith has already asked for a full review of the policies and procedures that govern who comes in contact with the confidential and private information of the veterans.

“Beyond the more immediate investigation and response for our veterans that are impacted, I have also asked our leadership team for a broader review of our policies and internal controls around veterans’ confidentiality and privacy. The trust our veterans have in our ability to keep their personal information private goes to the core of our work.”

Compromised information includes social security numbers, dates of birth, addresses and full names.  The information was in paper form, and not in digital form.

Affected veterans are being contacted via snail mail and will be offered free credit services.  There was no word on whether they’ll be offered identity theft protection.

The agency expressed “deep regret” over the data breach.

 

For information on how you can prevent your organization from being breached, visit www.miltonsecurity.com or call 714-515-4011.

 

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *