Apparently, when the VA isn’t getting their computers stolen, compromising personal data, the Chinese and other nations are hacking into the VA’s systems – and it’s been happening for years, according to the Washington Examiner.
At least eight different state-sponsored organizations have breached the security of VA data networks since at least March 2010, said Jerry Davis, who until February was the chief information security officer at VA.
“I learned that these attackers were a nation-state sponsored cyber espionage unit and that no less than eight different nation-state sponsored organizations had successfully compromised VA networks and data, or were actively attacking VA networks, attacks that continue at VA to this very day,” David said in written testimony
This stems the VA transmitting sensitive information, including medical records and personal information, over unsecure and unencrypted networks.
The worst part is that the VA doesn’t even know what has been stolen:
A foreign government hacked into Department of Veterans’ Affairs computers and stole data on as many as 20 million veterans, then covered its tracks by encrypting files before exporting them, according to congressional testimony today.
As a result, VA officials do not know what was stolen, a top VA official told the House Veterans’ Affairs Subcommittee on Oversight and Investigations. Potentially, the breach could be complete personal and medical records on everyone in the VA’s files, said Rep. Mike Coffman, R-Colo., the subcommittee chairman.
“These actors have had constant access to VA systems and data, information which included unencrypted databases containing hundreds of thousands to millions of instances of veteran information such as veterans’ and dependents’ names, Social Security numbers, dates of birth and protected health information,” Coffman said.
So, they’ve known about it for years and have still done nothing about it – way to take care of veterans.