The U.S. Veterans of Foreign Wars (VFW) recently began notifying 55,000 VFW members that their names, addresses and Social Security numbers may have been exposed when a hacker "gained access to the VFW's Web server through the use of a remote access Trojan and malicious code."
"Based on other activity by the hacker, suspected to be from China, VFW has been informed that the purpose of the attack was not identity theft, but rather to gain access to information regarding military plans or contracts, and VFW has been in contact with federal law enforcement authorities regarding this potential threat," VFW Quartermaster General Robert B. Greene wrote in the notification letter [PDF]. "We cannot be certain this was the only motive, however, and the hacker accessed the type of information that puts you at risk for identity theft."
All those affected are being advised to review their credit reports for unauthorized activity and to consider placing fraud alerts or security freezes on their credit files.
The VFW is also offering all those affected one free year of identity theft protection services from AllClear ID.