Error by Veterans Affairs vendor exposed 3,936 veterans’ SSN in mailing
In its most recent report to Congress, the Veterans Affairs Department reported that on August 25, 6,299 out of the 69,366 “Benefit Summary” letters intended for veterans and non-veterans in Massachusetts were mailed to incorrect addresses. The letters contained the veterans’ and non-veterans’ benefit information including their claim number, which, in some instances, was the veterans’ full social security number (SSN). The incident was discovered on September 1 when a civilian notified the Boston VBA Regional Office of the mismailing.
The incident was investigated and it was determined that 3,913 of the 6,299 mis-mailed letters contained the full SSN and 2,386 contained the Veterans Benefits Adminstration (VBA) claim number.
According to the VBA, the incident occurred as a result of a programming error. The vendor reportedly merged veterans’ data with an old address database which caused the letters to be mailed to the incorrect addresses. To compound the issue, the names of some of the veterans were not visible in the window of the envelope, resulting in some of the letters being opened by third party individuals at the address.
The final count of unique living veterans whose SSN was exposed is 3,936, with an additional 30 SSNs of deceased veterans exposed. The VA offered 3,936 veterans credit protection letters and notified the 30 survivors by next-of-kin notification letters.