Modernizing Authentication — What It Takes to Transform Secure Access
WTVD reports that the U.S. Department of Veterans Affairs (VA) eBenefits Web site provided site visitors with access to other users' information for a brief period of time on January 15, 2014 -- Navy veteran Sylvester Woodland told WTVD at the time that the site showed him other veterans' medical and financial information (h/t SC Magazine).
In a statement provided to WTVD, the VA explained, "Wednesday evening, during a process to improve software supporting the joint VA and Department of Defense benefits web portal eBenefits, VA discovered a software defect. During that limited timeframe, some Veterans and Servicemembers who had registered and logged into eBenefits were able to see a combination of their own information as well as data from other eBenefits users. VA took immediate action upon discovering the software defect and shut the eBenefits system down in order to limit any problems."
"VA's independent Data Breach Core Team (DBCT) is reviewing this issue and believes a relatively limited number of Veterans have been affected," the VA added. "Once the DBCT determines the number of users impacted, their identities and other pertinent facts, VA will take the appropriate response, which may include free credit monitoring for the affected individuals, consistent with VA's standard practice."