About 55,000 members of the Veterans of Foreign Wars of the United States (VFW) may have had personal information – including Social Security numbers – compromised after an unauthorized party gained access to a VFW web server using a remote access trojan and malicious code.
How many victims? About 55,000.
What type of personal information? Names, addresses, and Social Security numbers.
What happened? An unauthorized party used a remote access trojan and malicious code to gain access to a VFW web server, which contained the data.
What was the response? VFW removed the malicious code from the servers, cut off the attacker's access, and hired a group to investigate the breach. VFW notified federal law enforcement. All impacted individuals are being notified and offered one free year of identity theft protection services.
Details: VFW learned of the breach on March 4. The attacker is believed to be from China and is suspected of hacking the VFW website to gain access to information regarding military plans and contracts, not for identity theft purposes.
Quote: “We regret this attack occurred and any inconvenience or problems it may cause you,” Robert Greene, Quartermaster General, wrote in the breach notification.
Source: oag.ca.gov, “Data Breach Notification,” April 4, 2014.