The American Legion is challenging the Department of Veterans Affairs (VA) to take whatever measures are necessary to protect veterans personal information after a recent software defect on its eBenefits website exposed the online accounts of about 5,000 veterans to unauthorized users.
American Legion National Commander Daniel M. Dellinger wonders why such data breaches continue to plague the department.
"We’ve seen VA expose sensitive information about veterans before," Dellinger said. "Now it has happened with the relatively new eBenefits website. How can VA expect our veterans to file for benefits online when they may be risking identity theft by doing so?"
The defective software allowed veterans and servicemembers logged onto eBenefits to view account information of other users. After discovering the problem, VA shut down the system and switched over to an earlier version of the software.
VA’s Data Breach Core Team (DBCT) is reviewing the eBenefits failure. According to a statement issued by VA, once the DBCT determines the individual veterans affected, "VA will take the appropriate response, which may include free credit monitoring for the affected individuals, consistent with VA’s standard practice."
"There should be no ‘may’ in that statement," Dellinger said. "We want VA to guarantee credit monitoring services for every individual whose personal information may have been breached. That is the least VA can do to atone for its latest compromise of data."
Dellinger credited VA for informing the public about the eBenefits failure and for taking immediate action to minimize the damage. "But these data breaches need to stop," he said. "VA can’t continue to expose our veterans to identity theft. VA needs to take care of defective software before rolling out any online system."
The American Legion encourages any veteran who wants to file for benefits to contact an accredited American Legion service officer. Find a service officer in your state by visiting www.legion.org/serviceofficers.